Managing impacts of security protocol changes in service-oriented applications

Halvard Skogsrud, Boualem Benatallah, Fabio Casati, Farouk Toumani

Результат исследований: Материалы для книги/типы отчетовМатериалы для конференции

18 Цитирования (Scopus)

Выдержка

We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to on-going trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.

Язык оригиналаАнглийский
Название основной публикацииProceedings - 29th International Conference on Software Engineering, ICSE 2007
Страницы468-477
Число страниц10
DOI
СостояниеОпубликовано - 2007
Опубликовано для внешнего пользованияДа
Событие29th International Conference on Software Engineering, ICSE 2007 - Minneapolis, MN, Соединенные Штаты Америки
Продолжительность: 20 мая 200726 мая 2007

Конференция

Конференция29th International Conference on Software Engineering, ICSE 2007
СтранаСоединенные Штаты Америки
ГородMinneapolis, MN
Период20.5.0726.5.07

Отпечаток

Network protocols
Graphical user interfaces
Access control
Experiments

ASJC Scopus subject areas

  • Software

Цитировать

Skogsrud, H., Benatallah, B., Casati, F., & Toumani, F. (2007). Managing impacts of security protocol changes in service-oriented applications. В Proceedings - 29th International Conference on Software Engineering, ICSE 2007 (стр. 468-477). [4222608] https://doi.org/10.1109/ICSE.2007.49

Managing impacts of security protocol changes in service-oriented applications. / Skogsrud, Halvard; Benatallah, Boualem; Casati, Fabio; Toumani, Farouk.

Proceedings - 29th International Conference on Software Engineering, ICSE 2007. 2007. стр. 468-477 4222608.

Результат исследований: Материалы для книги/типы отчетовМатериалы для конференции

Skogsrud, H, Benatallah, B, Casati, F & Toumani, F 2007, Managing impacts of security protocol changes in service-oriented applications. в Proceedings - 29th International Conference on Software Engineering, ICSE 2007., 4222608, стр. 468-477, Minneapolis, MN, Соединенные Штаты Америки, 20.5.07. https://doi.org/10.1109/ICSE.2007.49
Skogsrud H, Benatallah B, Casati F, Toumani F. Managing impacts of security protocol changes in service-oriented applications. В Proceedings - 29th International Conference on Software Engineering, ICSE 2007. 2007. стр. 468-477. 4222608 https://doi.org/10.1109/ICSE.2007.49
Skogsrud, Halvard ; Benatallah, Boualem ; Casati, Fabio ; Toumani, Farouk. / Managing impacts of security protocol changes in service-oriented applications. Proceedings - 29th International Conference on Software Engineering, ICSE 2007. 2007. стр. 468-477
@inproceedings{8c4d844d394445518f10a1ba9872e726,
title = "Managing impacts of security protocol changes in service-oriented applications",
abstract = "We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to on-going trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.",
author = "Halvard Skogsrud and Boualem Benatallah and Fabio Casati and Farouk Toumani",
year = "2007",
doi = "10.1109/ICSE.2007.49",
language = "English",
isbn = "0769528287",
pages = "468--477",
booktitle = "Proceedings - 29th International Conference on Software Engineering, ICSE 2007",

}

TY - GEN

T1 - Managing impacts of security protocol changes in service-oriented applications

AU - Skogsrud, Halvard

AU - Benatallah, Boualem

AU - Casati, Fabio

AU - Toumani, Farouk

PY - 2007

Y1 - 2007

N2 - We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to on-going trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.

AB - We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to on-going trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.

UR - http://www.scopus.com/inward/record.url?scp=34548793482&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34548793482&partnerID=8YFLogxK

U2 - 10.1109/ICSE.2007.49

DO - 10.1109/ICSE.2007.49

M3 - Conference contribution

AN - SCOPUS:34548793482

SN - 0769528287

SN - 9780769528281

SP - 468

EP - 477

BT - Proceedings - 29th International Conference on Software Engineering, ICSE 2007

ER -