A novel aspect-oriented BPEL framework for the dynamic enforcement of web services security

Azzam Mourad, Sara Ayoubi, Hamdi Yahyaoui, Hadi Otrok

Research output: Contribution to journalArticlepeer-review

7 Scopus citations

Abstract

In this paper, we propose a new framework for the dynamic enforcement of composite Web services security, which is based on a synergy between Aspect-Oriented Programming (AOP) and BPEL (Business Process Execution Language). This synergy is achieved through the elaboration of a new language called AspectBPEL, which is used to specify security policies Abstract: separate components, referred to as aspects, to be weaved systematically in a BPEL process. The injected aspects activate the security policies at runtime on specific join points. Our approach enjoys several additional features such as (1) separating the business and security concerns of composite Web services (2) allowing the update of security mechanisms of composite Web services at run time, (3) providing modularity for modeling cross-cutting concerns between Web services, (4) centralising some security measurements at the BPEL side and (5) providing a framework fully compatible with any BPEL engine regardless of the adopted development environment.

Original languageBritish English
Pages (from-to)361-385
Number of pages25
JournalInternational Journal of Web and Grid Services
Volume8
Issue number4
DOIs
StatePublished - 2012

Keywords

  • AOP
  • BPEL
  • RBAC
  • Security
  • Web services

Fingerprint

Dive into the research topics of 'A novel aspect-oriented BPEL framework for the dynamic enforcement of web services security'. Together they form a unique fingerprint.

Cite this