Using information flow analysis to detect implicit information leaks for web service composition

被引:0
|
作者
Jia-xin Jiang
Zhi-qiu Huang
Wei-wei Ma
Yan Cao
机构
[1] Nanjing University of Aeronautics and Astronautics,College of Computer Science and Technology
[2] Collaborative Innovation Center of Novel Software Technology and Industrialization,undefined
来源
Frontiers of Information Technology & Electronic Engineering | 2018年 / 19卷
关键词
Information flow analysis; Business process execution language; Petri net; Interference; TP311;
D O I
暂无
中图分类号
学科分类号
摘要
Information leak, which can undermine the compliance of web-service-composition business processes for some policies, is one of the major concerns in web service composition. We present an automated and effective approach for the detection of implicit information leaks in business process execution language (BPEL) based on information flow analysis. We introduce an adequate meta-model for BPEL representation based on a Petri net for transformation and analysis. Building on the concept of Petri net place-based noninterference, the core contribution of this paper is the application of a Petri net reachability graph to estimate Petri net interference and thereby to detect implicit information leaks in web service composition. In addition, a case study illustrates the application of the approach on a concrete workflow in BPEL notation.
引用
收藏
页码:494 / 502
页数:8
相关论文
共 50 条
  • [21] Quantifying Information Leaks in Outbound Web Traffic
    Borders, Kevin
    Prakash, Atul
    PROCEEDINGS OF THE 2009 30TH IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 2009, : 129 - +
  • [22] NIH grant information leaks onto web
    Morrissey, S
    CHEMICAL & ENGINEERING NEWS, 2005, 83 (45) : 11 - 11
  • [23] An Axiomatic Approach to Detect Information Leaks in Concurrent Programs
    Ghosal, Sandip
    Shyamasundar, R. K.
    2021 ACM/IEEE 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: NEW IDEAS AND EMERGING RESULTS (ICSE-NIER 2021), 2021, : 31 - 35
  • [24] Detecting Security Leaks in Hybrid Systems with Information Flow Analysis
    Luan Viet Nguyen
    Mohan, Gautam
    Weimer, James
    Sokolsky, Oleg
    Lee, Insup
    Alur, Rajeev
    17TH ACM-IEEE INTERNATIONAL CONFERENCE ON FORMAL METHODS AND MODELS FOR SYSTEM DESIGN (MEMOCODE), 2019,
  • [25] Using Appearance Information for Web Information Credibility Analysis
    Akamine, Susumu
    Kato, Yoshikiyo
    Inui, Kentaro
    Kurohashi, Sadao
    PROCEEDINGS OF THE SECOND INTERNATIONAL SYMPOSIUM ON UNIVERSAL COMMUNICATION, 2008, : 363 - 365
  • [26] A Simple Solution for Information Sharing in Hybrid Web Service Composition
    Sapkota, Brahmananda
    Asuncion, Camlon H.
    Iacob, Maria-Eugenia
    van Sinderen, Marten
    15TH IEEE INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE (EDOC 2011), 2011, : 235 - 244
  • [27] Contamination and incomplete information: Bounding implicit prices using high-profile leaks
    Guignet, Dennis
    Jenkins, Robin
    Ranson, Matthew
    Walsh, Patrick J.
    JOURNAL OF ENVIRONMENTAL ECONOMICS AND MANAGEMENT, 2018, 88 : 259 - 282
  • [28] Web Service Ranking Using Semantic Profile Information
    Bellur, Umesh
    Vadodaria, Harin
    2009 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, VOLS 1 AND 2, 2009, : 872 - +
  • [29] Intelligent secure Web service using context information
    Shin, Woochul
    Li, Xun
    Yoo, Sang Bong
    KNOWLEDGE-BASED INTELLIGENT INFORMATION AND ENGINEERING SYSTEMS, PT 3, PROCEEDINGS, 2006, 4253 : 90 - 100
  • [30] A semantic rewriting approach to automatic information providing Web Service composition
    Bao, Shenghua
    Zhang, Lei
    Lin, Chenxi
    Yu, Yong
    SEMANTIC WEB - ASWC 2006, PROCEEDINGS, 2006, 4185 : 488 - 500
12345