A MODEL FOR AUTOMATIC MATCHING OF SECURITY REQUIREMENTS DURING SEMANTIC WEB SERVICE DISCOVERY

Andreas Friesen, Danna Feng

2006

Abstract

This paper describes a semantic approach for modelling security requirements of requesters and providers of Semantic Web Services. These semantic descriptions can be used either during semantic service discovery or service selection phase for automatic compatibility verification of the security requirements of a service requester and provider. The security requirements model, ontology classifying existing security services and mechanisms, and a semantic matchmaking method relying on description logics are described in detail. This work is related to several semantic and non-semantic Web Services standards. The relationship to the most relevant of them has been worked out.

References

  1. Agarwal, S., Sprick, B., and Wortmann S. (2004). Credential Based Access Control for Semantic Web Services. Retrieved November 20, 2005, from University of Karlsruhe, Institute of Applied Informatics and Formal Description Methods (AIFB) web site: http://www.aifb.uni-karlsruhe.de/WBS/sag /papers/Agarwal_Sprick_Wortmann-CredentialBased AccessControlForSemanticWebServicesAAAI_SS_SWS-04.pdf.
  2. Baader, F., Calvanese, D., McGuinnes, D., Nardi, D., and Patel-Schneider, P. (2003). The Description Logic Handbook: Theory, Implementation and Applications. Cambridge University Press.
  3. Berners-Lee, T. (1998, September). Semantic Web Road map. Retrieved November 25, 2005, from http://www.w3.org/DesignIssues/Semantic.html.
  4. Dumbill, E. (2000, December 6). Berners-Lee and the Semantic Web Vision. Retrieved November 25, 2005, from http://www.xml.com/pub/a/2000/12/xml2000/ timbl.html.
  5. eXtensible Access Control Markup Language (XACML) Version 2.0. Oasis standard. (2005, Feb. 1) Retrieved October 12, 2005, from http://docs.oasisopen.org/xacml/2.0/access_control-xacml-2.0-corespec-os.pdf.
  6. Kolovski, V., Parsia, B., Katz, Y., and Hendler, J. (2005). Representing Web Services Policies in OWL-DL. Retrieved November 24, 2005, from http://www.mindswap.org/papers/2005/PolicyISWC05.pdf.
  7. OWL Web Ontology Language for Services (OWL-S). November 2, 2004. Retrieved November 25, 2005, from http://www.w3.org/Submission/2004/07/.
  8. Racer system. Retrieved November 27, 2005, from http://www.racer-systems.com/de/index.phtml.
  9. Smith, M. K., Welty, C., McGuinness D. L. (Feb, 2004). OWL Web Ontology Language Guide. W3C Recommendation. Retrieved November 8, 2005, from http://www.w3.org/TR/owl-guide/.
  10. The Protégé Ontology Editor and Knowledge Acquisition System. Retrieved October 12, 2005 from http://protege.stanford.edu.
  11. Web Services Architecture. November 14, 2002. W3C working draft. Retrieved November 25, 2005, from http://www.w3.org/TR/2002/WD-ws-arch20021114/id2616445.
  12. Web Services Policy Framework (WS-policy). September, 2004. Retrieved September 4, 2005, from http://schemas.xmlsoap.org/ws/2004/09/policy/.
  13. Web Services Security Policy Language (WSSecurityPolicy).July, 2005. Retrieved September 7, 2005, from http://specs.xmlsoap.org/ws/2005/07/securitypolicy/w s-securitypolicy.pdf.
  14. Web Services Security: Rights Expression Language (REL) Token Profile. December 19, 2004. Oasis Standard. Retrieved October 5, 2005, from http://docs.oasis-open.org/wss/oasis-wss-rel-tokenprofile-1.0.pdf.
  15. Web Services Security: SAML Token Profile. February 21, 2003. OASIS Working Draft 06. Retrieved November 14, 2005, from http://www.oasisopen.org/committees/download.php/1048/WSSSAML-06.pdf.
  16. XML-Signature Syntax and Processing. February, 2002. W3C Recommendation 12. Retrieved November 16, 2005, from http://www.w3.org/TR/2002/RECxmldsig-core-20020212/Overview.html.
Download


Paper Citation


in Harvard Style

Friesen A. and Feng D. (2006). A MODEL FOR AUTOMATIC MATCHING OF SECURITY REQUIREMENTS DURING SEMANTIC WEB SERVICE DISCOVERY . In Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-972-8865-46-7, pages 387-392. DOI: 10.5220/0001253603870392


in Bibtex Style

@conference{webist06,
author={Andreas Friesen and Danna Feng},
title={A MODEL FOR AUTOMATIC MATCHING OF SECURITY REQUIREMENTS DURING SEMANTIC WEB SERVICE DISCOVERY},
booktitle={Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2006},
pages={387-392},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001253603870392},
isbn={978-972-8865-46-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - A MODEL FOR AUTOMATIC MATCHING OF SECURITY REQUIREMENTS DURING SEMANTIC WEB SERVICE DISCOVERY
SN - 978-972-8865-46-7
AU - Friesen A.
AU - Feng D.
PY - 2006
SP - 387
EP - 392
DO - 10.5220/0001253603870392