Internet is offering a variety of services that are assembled to accomplish requests made by clients. While serving a request, security of the communications and of the data exchanged among services is crucial. Since communications occur along specific channels, it is equally important to guarantee that the interactions between a client and a server never get blocked because either cannot access a selected channel. We address here both these problems, from a formal point of view. A static analysis is presented, guaranteeing that a composition of a client and of possibly nested services respects both security policies for access control, and compliance between clients and servers.
A formal framework for secure and complying services / Basile, Davide; Degano, Pierpaolo*; Ferrari, Gian -Luigi. - In: THE JOURNAL OF SUPERCOMPUTING. - ISSN 0920-8542. - ELETTRONICO. - (2014), pp. 43-52. [10.1007/s11227-014-1211-0]
A formal framework for secure and complying services
Basile, Davide
;Degano, Pierpaolo;
2014
Abstract
Internet is offering a variety of services that are assembled to accomplish requests made by clients. While serving a request, security of the communications and of the data exchanged among services is crucial. Since communications occur along specific channels, it is equally important to guarantee that the interactions between a client and a server never get blocked because either cannot access a selected channel. We address here both these problems, from a formal point of view. A static analysis is presented, guaranteeing that a composition of a client and of possibly nested services respects both security policies for access control, and compliance between clients and servers.
I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
