Managing impacts of security protocol changes in service-oriented applications

Halvard Skogsrud, Boualem Benatallah, Fabio Casati, Farouk Toumani

Research output: Chapter in Book/Report/Conference proceedingConference contribution

19 Citations (Scopus)

Abstract

We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to on-going trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.

Original languageEnglish
Title of host publicationProceedings - 29th International Conference on Software Engineering, ICSE 2007
Pages468-477
Number of pages10
DOIs
Publication statusPublished - 2007
Externally publishedYes
Event29th International Conference on Software Engineering, ICSE 2007 - Minneapolis, MN, United States
Duration: 20 May 200726 May 2007

Conference

Conference29th International Conference on Software Engineering, ICSE 2007
CountryUnited States
CityMinneapolis, MN
Period20.5.0726.5.07

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Managing impacts of security protocol changes in service-oriented applications'. Together they form a unique fingerprint.

Cite this