- Autori:
- 
              Barletta, Michele; Calvi, Alberto; Ranise, Silvio; Vigano', Luca; Zanetti, Luca
            
- Titolo:
- 
              Workflow and Access Control Reloaded: a Declarative Specification Framework for the Automated Analysis of Web Services
            
- Anno:
- 
              
                
                
                  2011
                
                                      
            
- Tipologia prodotto:
- 
              Articolo in Rivista
            
- Tipologia ANVUR:
- Articolo su rivista
- Lingua:
- 
              
                
              
                
                  Inglese
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
                
              
            
- Formato:
- 
              
                A Stampa
              
              
            
- Referee:
- 
                    
                        Sì
                    
                    
                
- Nome rivista:
- SCALABLE COMPUTING. PRACTICE AND EXPERIENCE
- ISSN Rivista:
- 1895-1767
- N° Volume:
- 
                    12
                
- Numero o Fascicolo:
- 
                    1
                
- Intervallo pagine:
- 
                    1-20
                
- Parole chiave:
- 
                    Computer security; formal methods; web services
                
- Breve descrizione dei contenuti:
- Web services supporting business and administrative transactions between several parties over the Internet are more and more widespread. Their development involves several security issues ranging from authentication to the management of the access to shared resources according to given business and legal models. The capability of validating designs against fast evolving requirements is of paramount importance for the adaptation of business and administrative models to changing regulations and rapidly evolving market needs. We present formal specification and analysis techniques that allow us to validate the designs of security-sensitive web services specified in the Business Process Execution Language and extensions of the Role-Based Access Control model. We also present a prototype tool, called WSSMT, mechanizing our approach and describe our experience in using it on two industrial case studies, on in the e-business and one in the e-government area.
- Id prodotto:
- 
                    60926
                
- Handle IRIS:
- 
                    11562/353883
                
- depositato il:
- 
                17 novembre 2012
              
- ultima modifica:
- 
                23 ottobre 2022
              
- Citazione bibliografica:
- 
    Barletta, Michele; Calvi, Alberto; Ranise, Silvio; Vigano', Luca; Zanetti, Luca,
     Workflow and Access Control Reloaded: a Declarative Specification Framework for the Automated Analysis of Web Services
    
        
    
    
        
            «SCALABLE COMPUTING. PRACTICE AND EXPERIENCE»
        
    
    
    
        
            , vol.  12
        
    
    
        
            , n.  1
        
    
    
        
    
    
        
            ,  2011
        
    
    
        
            ,  pp. 1-20
 
						Consulta la scheda completa presente nel
						
							repository istituzionale della Ricerca di Ateneo 