Managing impacts of security protocol changes in service-oriented applications

Halvard Skogsrud, Boualem Benatallah, Fabio Casati, Farouk Toumani

Результат исследования: Материалы для книги/типы отчетовМатериалы для конференции

18 Цитирования (Scopus)

Аннотация

We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to on-going trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.

Язык оригиналаАнглийский
Заголовок главной публикацииProceedings - 29th International Conference on Software Engineering, ICSE 2007
Страницы468-477
Количество страниц10
DOI
Статус публикацииОпубликовано - 2007
Опубликовано для внешнего пользованияДа
Событие29th International Conference on Software Engineering, ICSE 2007 - Minneapolis, MN, Соединенные Штаты Америки
Длительность: 20 мая 200726 мая 2007

Конференция

Конференция29th International Conference on Software Engineering, ICSE 2007
СтранаСоединенные Штаты Америки
ГородMinneapolis, MN
Период20.5.0726.5.07

    Fingerprint

ASJC Scopus subject areas

  • Software

Цитировать

Skogsrud, H., Benatallah, B., Casati, F., & Toumani, F. (2007). Managing impacts of security protocol changes in service-oriented applications. В Proceedings - 29th International Conference on Software Engineering, ICSE 2007 (стр. 468-477). [4222608] https://doi.org/10.1109/ICSE.2007.49