A novel aspect-oriented BPEL framework for the dynamic enforcement of web services security
- Post by: eargadmin
- 27 June 2021
- Comments off
Abstract
In this paper, we propose a new framework for the dynamic
enforcement of composite Web services security, which is based on a synergy
between Aspect-Oriented Programming (AOP) and BPEL (Business Process
Execution Language). This synergy is achieved through the elaboration of a
new language called AspectBPEL, which is used to specify security policies as
separate components, referred to as aspects, to be weaved systematically in a
BPEL process. The injected aspects activate the security policies at runtime
on specific join points. Our approach enjoys several additional features such as
(1) separating the business and security concerns of composite Web services
(2) allowing the update of security mechanisms of composite Web services at
run time, (3) providing modularity for modeling cross-cutting concerns between
Web services, (4) centralizing some security measurements at the BPEL side
and (5) providing a framework fully compatible with any BPEL engine
regardless of the adopted development environment.