Your search keyword '"WS-Policy"' showing total 11 results

1. Estrategia Guiada por Modelos para incluir Aspectos de Seguridad en Sistemas Empotrados Basados en Servicios Web

Author

Centro para el Desarrollo Tecnológico Industrial, Ministerio de Educación y Ciencia, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., Alonso, Alejandro, Centro para el Desarrollo Tecnológico Industrial, Ministerio de Educación y Ciencia, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., and Alonso, Alejandro

Abstract

[EN] In modern distributed systems, such as in the Internet or Web of Things, security plays a fundamental role. Special atention must be placed, then, in considering these aspects in the first stages of development. In this context, the model-driven development of non functional (NF) requirements is of great interest, as it addresses those NF characteristics in the design stage, when analyses can be performed, and there is room for changes while they are still not too costly. The use of modeldriven methodologies brings with them some intrinsic benefits, such as the increase in productivity, a greater reuse of design elements, or an improved maintainability of the system. This paper presents a development strategy that allows integrating non-functional security aspects (such as as confidentiality, integrity, or access control) in embedded systems design., [ES] En los sistemas distribuidos modernos, como la Internet o Web de las Cosas, la seguridad juega un papel preponderante. Debe prestarse especial atención a la consideración de estos aspectos en las primeras etapas de desarrollo. En este contexto, el desarrollo guiado por modelos de requisitos no funcionales (NF) presenta especial interés, ya que aborda dichas características NF en la etapa de diseño, cuando todavía se pueden realizar análisis, y aún hay margen para modificaciones antes de que éstas sean muy costosas. El uso de estas metodologías guiadas por modelos ofrece beneficios tales como el aumento de la productividad, una mayor reutilización de los elementos de diseño, o una mejor mantenibilidad del sistema. Este artículo presenta una estrategia de desarrollo que permite integrar aspectos NF de seguridad (confidencialidad, integridad, y control de acceso) en los sistemas de software empotrado.

Published

2014

2. Estrategia Guiada por Modelos para incluir Aspectos de Seguridad en Sistemas Empotrados Basados en Servicios Web

Author

Centro para el Desarrollo Tecnológico Industrial, Ministerio de Ciencia e Innovación, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., Alonso, Alejandro, Centro para el Desarrollo Tecnológico Industrial, Ministerio de Ciencia e Innovación, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., and Alonso, Alejandro

Abstract

[EN] In modern distributed systems, such as in the Internet or Web of Things, security plays a fundamental role. Special atention must be placed, then, in considering these aspects in the first stages of development. In this context, the model-driven development of non functional (NF) requirements is of great interest, as it addresses those NF characteristics in the design stage, when analyses can be performed, and there is room for changes while they are still not too costly. The use of modeldriven methodologies brings with them some intrinsic benefits, such as the increase in productivity, a greater reuse of design elements, or an improved maintainability of the system. This paper presents a development strategy that allows integrating non-functional security aspects (such as as confidentiality, integrity, or access control) in embedded systems design., [ES] En los sistemas distribuidos modernos, como la Internet o Web de las Cosas, la seguridad juega un papel preponderante. Debe prestarse especial atención a la consideración de estos aspectos en las primeras etapas de desarrollo. En este contexto, el desarrollo guiado por modelos de requisitos no funcionales (NF) presenta especial interés, ya que aborda dichas características NF en la etapa de diseño, cuando todavía se pueden realizar análisis, y aún hay margen para modificaciones antes de que éstas sean muy costosas. El uso de estas metodologías guiadas por modelos ofrece beneficios tales como el aumento de la productividad, una mayor reutilización de los elementos de diseño, o una mejor mantenibilidad del sistema. Este artículo presenta una estrategia de desarrollo que permite integrar aspectos NF de seguridad (confidencialidad, integridad, y control de acceso) en los sistemas de software empotrado.

Published

2014

3. Estrategia Guiada por Modelos para incluir Aspectos de Seguridad en Sistemas Empotrados Basados en Servicios Web

Author

Centro para el Desarrollo Tecnológico Industrial, Ministerio de Ciencia e Innovación, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., Alonso, Alejandro, Centro para el Desarrollo Tecnológico Industrial, Ministerio de Ciencia e Innovación, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., and Alonso, Alejandro

Abstract

[EN] In modern distributed systems, such as in the Internet or Web of Things, security plays a fundamental role. Special atention must be placed, then, in considering these aspects in the first stages of development. In this context, the model-driven development of non functional (NF) requirements is of great interest, as it addresses those NF characteristics in the design stage, when analyses can be performed, and there is room for changes while they are still not too costly. The use of modeldriven methodologies brings with them some intrinsic benefits, such as the increase in productivity, a greater reuse of design elements, or an improved maintainability of the system. This paper presents a development strategy that allows integrating non-functional security aspects (such as as confidentiality, integrity, or access control) in embedded systems design., [ES] En los sistemas distribuidos modernos, como la Internet o Web de las Cosas, la seguridad juega un papel preponderante. Debe prestarse especial atención a la consideración de estos aspectos en las primeras etapas de desarrollo. En este contexto, el desarrollo guiado por modelos de requisitos no funcionales (NF) presenta especial interés, ya que aborda dichas características NF en la etapa de diseño, cuando todavía se pueden realizar análisis, y aún hay margen para modificaciones antes de que éstas sean muy costosas. El uso de estas metodologías guiadas por modelos ofrece beneficios tales como el aumento de la productividad, una mayor reutilización de los elementos de diseño, o una mejor mantenibilidad del sistema. Este artículo presenta una estrategia de desarrollo que permite integrar aspectos NF de seguridad (confidencialidad, integridad, y control de acceso) en los sistemas de software empotrado.

Published

2014

4. Estrategia Guiada por Modelos para incluir Aspectos de Seguridad en Sistemas Empotrados Basados en Servicios Web

Author

Centro para el Desarrollo Tecnológico Industrial, Ministerio de Ciencia e Innovación, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., Alonso, Alejandro, Centro para el Desarrollo Tecnológico Industrial, Ministerio de Ciencia e Innovación, Silva Gallino, Juan Pedro, de Miguel, Miguel, Briones, Javier F., and Alonso, Alejandro

Abstract

[EN] In modern distributed systems, such as in the Internet or Web of Things, security plays a fundamental role. Special atention must be placed, then, in considering these aspects in the first stages of development. In this context, the model-driven development of non functional (NF) requirements is of great interest, as it addresses those NF characteristics in the design stage, when analyses can be performed, and there is room for changes while they are still not too costly. The use of modeldriven methodologies brings with them some intrinsic benefits, such as the increase in productivity, a greater reuse of design elements, or an improved maintainability of the system. This paper presents a development strategy that allows integrating non-functional security aspects (such as as confidentiality, integrity, or access control) in embedded systems design., [ES] En los sistemas distribuidos modernos, como la Internet o Web de las Cosas, la seguridad juega un papel preponderante. Debe prestarse especial atención a la consideración de estos aspectos en las primeras etapas de desarrollo. En este contexto, el desarrollo guiado por modelos de requisitos no funcionales (NF) presenta especial interés, ya que aborda dichas características NF en la etapa de diseño, cuando todavía se pueden realizar análisis, y aún hay margen para modificaciones antes de que éstas sean muy costosas. El uso de estas metodologías guiadas por modelos ofrece beneficios tales como el aumento de la productividad, una mayor reutilización de los elementos de diseño, o una mejor mantenibilidad del sistema. Este artículo presenta una estrategia de desarrollo que permite integrar aspectos NF de seguridad (confidencialidad, integridad, y control de acceso) en los sistemas de software empotrado.

Published

2014

5. A replicated information system to enable dynamic collaborationsin the Grid

Author

Universitat Politècnica de València. Instituto de Instrumentación para Imagen Molecular - Institut d'Instrumentació per a Imatge Molecular, Universitat Politècnica de València. Departamento de Sistemas Informáticos y Computación - Departament de Sistemes Informàtics i Computació, Ministerio de Educación y Ciencia, Generalitat Valenciana, European Regional Development Fund, Torres Serrano, Erik, Moltó Martínez, Germán, Segrelles Quilis, José Damián, Blanquer Espert, Ignacio, Hernández García, Vicente, Universitat Politècnica de València. Instituto de Instrumentación para Imagen Molecular - Institut d'Instrumentació per a Imatge Molecular, Universitat Politècnica de València. Departamento de Sistemas Informáticos y Computación - Departament de Sistemes Informàtics i Computació, Ministerio de Educación y Ciencia, Generalitat Valenciana, European Regional Development Fund, Torres Serrano, Erik, Moltó Martínez, Germán, Segrelles Quilis, José Damián, Blanquer Espert, Ignacio, and Hernández García, Vicente

Abstract

The main advantage of Grid computing over other distributed computing paradigms is its capability to coordinate the access to data and resources in a virtual multi-institutional environment. To this end, the information system plays a decisive role in selecting the services that meet the applications' needs. This paper presents an information system for the Grid that provides transparent and scalable group communication services to standard Grid applications, with the objective of supporting dynamic collaborations that could help address problems that involve only some participants of a virtual organization. In particular, it enables more flexible delivery mechanisms, which allows applications to select the appropriate services before sending their data to the information system. This significantly enhances the protection of data from unauthorized access, and avoids the transmission of unnecessary messages over the network. The proposed information system is based on the use of XML technologies and replication. It introduces several new advanced features that are not currently supported as a whole by any Grid middleware, such as: several entry points to the information, persistent capabilities, support for advanced queries based on XQuery, and support for the industrial standard WS-Policy. The information system has been stress tested under realistic workloads in a Grid infrastructure with 50 sites. Scalability has been evaluated in up to 1000 messages that can be up to 10KB in size each, updated with a frequency of 5min. Copyright © 2012 John Wiley & Sons, Ltd.

Published

2012

6. A replicated information system to enable dynamic collaborationsin the Grid

Author

Universitat Politècnica de València. Instituto de Instrumentación para Imagen Molecular - Institut d'Instrumentació per a Imatge Molecular, Universitat Politècnica de València. Departamento de Sistemas Informáticos y Computación - Departament de Sistemes Informàtics i Computació, Ministerio de Educación y Ciencia, Generalitat Valenciana, European Regional Development Fund, Torres Serrano, Erik, Moltó Martínez, Germán, Segrelles Quilis, José Damián, Blanquer Espert, Ignacio, Hernández García, Vicente, Universitat Politècnica de València. Instituto de Instrumentación para Imagen Molecular - Institut d'Instrumentació per a Imatge Molecular, Universitat Politècnica de València. Departamento de Sistemas Informáticos y Computación - Departament de Sistemes Informàtics i Computació, Ministerio de Educación y Ciencia, Generalitat Valenciana, European Regional Development Fund, Torres Serrano, Erik, Moltó Martínez, Germán, Segrelles Quilis, José Damián, Blanquer Espert, Ignacio, and Hernández García, Vicente

Abstract

The main advantage of Grid computing over other distributed computing paradigms is its capability to coordinate the access to data and resources in a virtual multi-institutional environment. To this end, the information system plays a decisive role in selecting the services that meet the applications' needs. This paper presents an information system for the Grid that provides transparent and scalable group communication services to standard Grid applications, with the objective of supporting dynamic collaborations that could help address problems that involve only some participants of a virtual organization. In particular, it enables more flexible delivery mechanisms, which allows applications to select the appropriate services before sending their data to the information system. This significantly enhances the protection of data from unauthorized access, and avoids the transmission of unnecessary messages over the network. The proposed information system is based on the use of XML technologies and replication. It introduces several new advanced features that are not currently supported as a whole by any Grid middleware, such as: several entry points to the information, persistent capabilities, support for advanced queries based on XQuery, and support for the industrial standard WS-Policy. The information system has been stress tested under realistic workloads in a Grid infrastructure with 50 sites. Scalability has been evaluated in up to 1000 messages that can be up to 10KB in size each, updated with a frequency of 5min. Copyright © 2012 John Wiley & Sons, Ltd.

Published

2012

7. A Policy-Based Authorization Framework for Web Services: Integrating XGTRBAC and WS-Policy

Author

Bhatti, Rafae, Sanz, Daniel, Bertino, Elisa, Ghafoor, Arif, Bhatti, Rafae, Sanz, Daniel, Bertino, Elisa, and Ghafoor, Arif

Abstract

Authorization and access control in Web services is complicated by the unique requirements of the dynamic Web services paradigm. Current authentication mechanisms for Web services do not differentiate between users in terms of fine-grained access privileges. This results in an all-or-nothing access which is not flexible enough for modern day business processes using Web services to execute. In this paper, we present a policy-based authorization framework to address this requirement. We have designed a profile of the well-known WS-Policy specification tailored to meet the access control requirements in Web services by integrating WS-Policy with an access control policy specification language, X-GTRBAC. The design of the profile is aimed at bridging the gap between available policy standards for Web services and existing policy specification languages for access control. The profile supports the WS-Policy Attachment specification, which allows separate policies to be associated with multiple components of a Web service description, and one of our key contributions is the design of an algorithm to compute the effective policy for the Web service given the multiple policy attachments. To allow Web service applications to use our solution, we have adopted a component-based design approach based on well-known UML notations. We have also prototyped our architecture, and implemented it as a loosely coupled Web service providing healthcare information services to physicians subject to applicable authorization policies.

Published

2007

8. A Policy-Based Authorization Framework for Web Services: Integrating XGTRBAC and WS-Policy

Author

Bhatti, Rafae, Sanz, Daniel, Bertino, Elisa, Ghafoor, Arif, Bhatti, Rafae, Sanz, Daniel, Bertino, Elisa, and Ghafoor, Arif

Abstract

Authorization and access control in Web services is complicated by the unique requirements of the dynamic Web services paradigm. Current authentication mechanisms for Web services do not differentiate between users in terms of fine-grained access privileges. This results in an all-or-nothing access which is not flexible enough for modern day business processes using Web services to execute. In this paper, we present a policy-based authorization framework to address this requirement. We have designed a profile of the well-known WS-Policy specification tailored to meet the access control requirements in Web services by integrating WS-Policy with an access control policy specification language, X-GTRBAC. The design of the profile is aimed at bridging the gap between available policy standards for Web services and existing policy specification languages for access control. The profile supports the WS-Policy Attachment specification, which allows separate policies to be associated with multiple components of a Web service description, and one of our key contributions is the design of an algorithm to compute the effective policy for the Web service given the multiple policy attachments. To allow Web service applications to use our solution, we have adopted a component-based design approach based on well-known UML notations. We have also prototyped our architecture, and implemented it as a loosely coupled Web service providing healthcare information services to physicians subject to applicable authorization policies.

Published

2007

9. A Policy-Based Authorization Framework for Web Services: Integrating XGTRBAC and WS-Policy

Author

Bhatti, Rafae, Sanz, Daniel, Bertino, Elisa, Ghafoor, Arif, Bhatti, Rafae, Sanz, Daniel, Bertino, Elisa, and Ghafoor, Arif

Abstract

Authorization and access control in Web services is complicated by the unique requirements of the dynamic Web services paradigm. Current authentication mechanisms for Web services do not differentiate between users in terms of fine-grained access privileges. This results in an all-or-nothing access which is not flexible enough for modern day business processes using Web services to execute. In this paper, we present a policy-based authorization framework to address this requirement. We have designed a profile of the well-known WS-Policy specification tailored to meet the access control requirements in Web services by integrating WS-Policy with an access control policy specification language, X-GTRBAC. The design of the profile is aimed at bridging the gap between available policy standards for Web services and existing policy specification languages for access control. The profile supports the WS-Policy Attachment specification, which allows separate policies to be associated with multiple components of a Web service description, and one of our key contributions is the design of an algorithm to compute the effective policy for the Web service given the multiple policy attachments. To allow Web service applications to use our solution, we have adopted a component-based design approach based on well-known UML notations. We have also prototyped our architecture, and implemented it as a loosely coupled Web service providing healthcare information services to physicians subject to applicable authorization policies.

Published

2007

10. Aspect-Oriented Techniques for Web Services: a Model-Driven Approach

Author

Guadalupe Ortiz and Juan Hernández, Ortiz, Guadalupe, Hernández, Juan, Guadalupe Ortiz and Juan Hernández, Ortiz, Guadalupe, and Hernández, Juan

Abstract

Web Service technologies offer a successful way for interoperability among applications, but in order to tackle the entire web service life cycle, it is necessary to face how to model systems based on service functionality and also how to add extra-functional properties to modelled services. In this regard, we propose first of all a versatile and simple UML profile based on the Service Component Architecture specification for modelling services, in order to provide a model environment in which to add extra-functional properties. Secondly, a new UML profile is proposed to model and reuse the said extra-functional properties in service models. The implemented models based on these profiles will be independent from a final implementation language or platform, thus it is necessary to specify a particular type of model to convert the independent one into in a subsequent step. In order to meet this requirement an object, an aspect and a policy based models are proposed as the intermediate step between the independent model and the final code. We acknowledge that there are tools available which convert Java models into web services' Java code, and it is not our aim to build a tool to fulfil this requirement. Regarding extra-functional properties, aspect-oriented techniques allow them to be easily modularized and reused; in this respect, properties are implemented as aspects in a totally transparent way and avoid the need to modify service code in an intrusive manner on adding extra-functional properties, improving our system maintenance. Furthermore, this way traceability between the model and the code is perfectly maintained in both directions. This work has been developed thanks to the support of CICYT under contract TIN2005-09405-C02-02.

Published

2006

11. Towards UML Modelling Extra-Functional Properties in Web Services and their Clients

Author

Guadalupe Ortiz and Juan Hernández, Ortiz, Guadalupe, Hernández, Juan, Guadalupe Ortiz and Juan Hernández, Ortiz, Guadalupe, and Hernández, Juan

Abstract

Web Services provide our systems with a platform independent and loosely coupled implementation environment, being time to face how the named systems can be modelled. Service Component Architecture (SCA) allows us to define services independently of the final implementation technology; however, it does not integrate the remaining development stages. Model Driven Architecture provides a method to face all stages in development from the platform independent model to final code, although it is not specific to service technologies. Regarding web service extra-functional properties, WS-Policy establishes how to describe them in a loosely coupled manner; however the loosely coupled environment is not always maintained when modelling or implementing these properties, which can be solved by using aspect-oriented techniques. In this paper, we propose to use a model driven approach for extra-functional properties in SCA service based models, where generated code will consist of the policy description and an aspect-oriented implementation.

Published

2006