The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Service composition is an effective way to achieve value-added service, which has found wide application in various areas. security design at architecture level is critical to achieve high assurance for these applications. However, most security design techniques for service composition were in ad hoc fashion and fell short in precise notations. This paper proposes a formal aspect-oriented approach...
The widespread use of standard, worldwide and vendor-independent OPC UA specifications in industrial environment introduces many benefits as it allows to keep open the market of the industrial applications. On the other hand, OPC UA adopts a very complex software infrastructure to realise the data exchange between industrial applications and devices (e.g. mainframes, PLC, microcontroller); this complexity...
Service-oriented Architectures support the provision, discovery, and usage of services in different application contexts. The Web Service specifications provide a technical foundation to implement this paradigm. Moreover, mechanisms are provided to face the new security challenges raised by SOA. To enable the seamless usage of services, security requirements can be expressed as security policies (e...
Service-oriented Architecture (SOA) is increasingly relevant across several domains of application by promising systems openness and unification over a common design and communication paradigm. At device level, the application of SOA is carried, on one hand, by Devices Profile for Web Services (DPWS) and complementary web-based specifications oriented towards resource management, and, on the other...
This paper is concerned with correct specification and validation of quality attribute requirements (QAR's) that cross-cut through a diverse set of complex system functions. These requirements act as modifiers of the systems level functional requirements thereby having substantial influence on the eventual architectural selection. Because system designers traditionally address these requirements one...
This paper proposes using functional programming style in a way to respond to detection of and interaction with the software attacks and vulnerabilities. Additionally, our approach considers involving Description Logics, as a basis for the use of the Semantic Web and meta-programming to produce executable ontologies and to enable semantic reasoning over behavior and interaction with software attacks...
Storage plays an important role in sufficing the requirements of data intensive applications in a Grid computing environment. Current Scientific applications perform complex computational analysis, and consume/produce hundreds of terabytes of data. The authors in this paper have surveyed available data grid solutions, viz., Storage Resource Broker (SRB), Grid File System (GFS), Storage Resource Manager...
Event-drive business processes require integration with distributed heterogeneous services to fulfill the functionalities. Business processes run in parallel and interact with multiple services, partners and customers as per the requirement and policy. There is a need to aggregate information from multiple resources or services according to policy. Resource or service aggregation provides better query,...
Nowadays, there is a large diffusion of open and dynamic cooperative architectures that are based on services (SOA). In general, a customer is not only interested in service functionalities, but also in its quality (i.e. performance, cost, reliability, security and so on). In this scenario, models, techniques and tools supporting the effective selection of the service that provides the better quality...
We advocate goal-oriented software security engineering to produce highly secure software in a constructive,provable and cost-effective manner. Our approach is to couple goal-oriented semi-formal requirements specifications with formal design and implementation. To this effect, we proposed FADES (formal analysis and design for engineering security)in as the first goal-oriented software security engineering...
In this paper we have analyzed and developed a formal specification of a trust model in semantic grid registry. This paper formalizes the basic requirements of a trust model in case of semantic grid registry. We have described the flow of operations of our system through links and processes in the system architecture. The system is formally modeled in pi-calculus. Finally we transformed the specification...
The service-oriented architecture paradigm is influencing modern software systems remarkably and Web services are a common technology to implement such systems. However, the numerous Web service standard specifications and especially their ambiguity result in a high complexity which opens the door for security-critical mistakes.This paper aims on raising awareness of this issue while discussing a...
The rising need for security in SOA applications requires better support for management of non-functional properties in Web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality of a process, the consideration of security properties at the level of a process model is a promising...
Service-oriented Architectures deliver a flexible infrastructure to allow independently developed software components to communicate in a seamless manner. In the scope of organisational workflows, SOA provides a suitable foundation to execute business processes as an orchestration of multiple independent services. Along with the increased connectivity, the corresponding security risks rise exponentially...
The goal of service oriented architectures (SOAs) is to enable the creation of business applications through the automatic discovery and composition of independently developed and deployed (Web) services. Automatic discovery of Web services (WSs) can be achieved by incorporating semantics into a richer WS description model (WSDM) and by the use of semantic Web (SW) technologies in the WS matchmaking...
This paper presents a formal specification of Mondex, an electronic purse, using SAM. Mondex is the first pilot project for the 6th Grand Challenge to develop an integrated, automated toolset that developers can use to establish the correctness of software. Several research groups around the world have applied different formal methods in specifying and analyzing the Mondex smart card since 2006. Our...
MDX is a language that expresses selections, calculations, and some metadata definitions against an Online Analytical Processing (OLAP) database. As the user interface with OLAP, the MDX complier is a major component of the OLAP analysis server. This paper addresses the system design of MDX compiler via the ADD method, meaning that system requirements, including functional and quality requirements...
Usage control is the field of security which deals with the issue of access decisions on a client platform which is outside the domain of the original owner. These issues include digital rights management, privacy issues and concepts such as content redistribution. UCON is a highly expressive usage control model, which significantly enhances traditional access control models through decision continuity...
In novel market-oriented resource sharing models, resource consumers pay for the resource usage and expect that non-functional requirements for the application execution, termed as quality of service (QoS), are satisfied. QoS is negotiated between two parties following the specific negotiation protocols and is recorded using service level agreements (SLAs). However, most of the existing work assumes...
The Internet is moving from being a collection of applications toward a collection of services through the Web. Therefore, service oriented architecture (SOA) has become an active area of research and development. Web services as an example of SOA provide the integration of software applications in an incremental way, using existing platforms and languages that utilize and adapt to existing legacy...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.