Skip to Main content Skip to Navigation
Conference papers

Preventing data leakage in service orchestration

Abstract : Web Services are currently the base of a lot a ecommerce applications. Nevertheless, clients often use these services without knowing anything about their internals. Moreover, they have no clue about the use of their personal data inside the global applications. In this paper, we offer the opportunity to the user to specify constraints on the use of its personal data. To ensure the privacy of data at runtime, we define a distributed security policy model. This policy is configured at runtime by the user of the BPEL program. This policy is enforced within a BPEL interpreter, and ensures that no information flow can be produced from the user data to unauthorized services. However, the dynamic aspects of web services lead to situations where the policy prohibits the nominal operation of orchestration (e.g., when using a service that is unknown by the user). To solve this problem, we propose to let user to dynamically permit exceptional unauthorized flows. In order to make decision, the user is provided with all information necessary for decisionmaking. We also present an implementation inside the Orchestra BPEL interpreter. As far as we know this implementation is the first information flow monitor for web services that is also enduser configurable.
Document type :
Conference papers
Complete list of metadata

Cited literature [9 references]  Display  Hide  Download
Contributor : Anne Cloirec Connect in order to contact the contributor
Submitted on : Monday, January 9, 2012 - 11:46:28 AM
Last modification on : Tuesday, October 19, 2021 - 11:58:54 PM
Long-term archiving on: : Tuesday, December 13, 2016 - 8:44:04 PM


Files produced by the author(s)



Thomas Demongeot, Eric Totel, Valérie Viet Triem Tong, Yves Le Traon. Preventing data leakage in service orchestration. IAS 2011, Dec 2011, Malacca, Malaysia. 6 p., ⟨10.1109/ISIAS.2011.6122806⟩. ⟨hal-00657796⟩



Les métriques sont temporairement indisponibles