Publication details

Home Publications Publication details

Pre-execution Security Policy Assessment of Remotely Defined BPEL-Based Grid Processes
Fischer KP, Bleimann U, Furnell SM
Proceedings of the 4th International Conference on Trust, Privacy & Security in Digital Business, September 3 – 7, Regensburg, Germany, ISBN: 978-3-540-74408-5, pp178-189, 2007

In this paper results from research on security policy enforcement for cross-domain defined business processes specified in BPEL are transferred to the field of Grid computing, where BPEL is used to define Grid processes. In order to facilitate the assessment of remotely defined BPEL-based Grid processes for compliance with security policies prior to execution, a method for specifying security policies with respect to security-relevant semantic patterns in BPEL is applied. The paper shows the extent to which transfer of the former results was successful and indicates limitations and areas of further research. Where the situation is similar to cooperative business processes, such as in forming dynamic virtual organizations using Grid technology, the results turned out to be transferable with minor modifications, whereas for a transfer to the Grid context in general further investigation is required (in particular with respect to formal specification of security-relevant semantics of Grid services).

Fischer KP, Bleimann U, Furnell SM