摘要
服务组合作为实现服务增值的一种有效方法,业已广泛使用于各种应用.安全问题是与Web服务密切相关且对于服务组合的可信性具有重要作用.然而目前还缺乏对服务安全组合进行有效描述和分析的方法.提出一种基于面向方面的形式化服务安全组合建模及其分析方法.重点讨论了服务的授权、执行的可追踪、数据保护及故障处理,并利用面向方面规范基本模块的行为、描述它们相互关系的手段,编织机制将这些模块动态地集成为一个完整的服务组合模型.基于此,Petri网的操作语义及相关理论分析服务组合的安全性及故障处理能力,给出服务组合的正确性准则,并证明了其有效性.具体实例及仿真结果表明,该方法能有效地简化系统建模,有助于提高服务组合的设计质量.
As an effective way to achieve value-added service, service composition has found wide application in various areas. Security is closely related with Web services and important to trustworthy of service composition. However, the methods that can be used to describe and analyze service secure composition are still lacking at present. This paper proposes an aspect-oriented formal modeling language based on Petri net and its corresponding modeling method for service secure composition, and focuses on the service authorization, implementation traceability, data protection and fault handling. Aspect specification provides means to observe behaviors of basic aspect schema, and to describe their interrelationship, the weaving mechanism dynamically integrates these schemas into a complete model. Based on this, the security and fault handling of service composition are analyzed, the correctness criterion of service secure composition is given, and its effectiveness is proved. A case study of Export Service and experimental results demonstrate the approach can simplify the modeling process and contribute to improvement of design quality.
出处
《小型微型计算机系统》
CSCD
北大核心
2011年第9期1762-1769,共8页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(60473055
60773094)资助
中央高校基本科研业务费专项基金项目资助
国家科技支撑计划项目(009BAH46B03)资助
上海市曙光计划项目(07SG32)资助
上海市科委重点实验室基金项目(09DZ2272600)资助
