Using information flow analysis to detect implicit information leaks for web service composition
Using information flow analysis to detect implicit information leaks for web service composition作者机构:College of Computer Science and TechnologyNanjing University of Aeronautics and AstronauticsNanjing 210016China Collaborative Innovation Center of Novel Software Technology and IndustrializationNanjing 210000China
出 版 物:《Frontiers of Information Technology & Electronic Engineering》 (信息与电子工程前沿(英文版))
年 卷 期:2018年第19卷第4期
页 面:494-502页
核心收录:
学科分类:08[工学] 0835[工学-软件工程] 081202[工学-计算机软件与理论] 0812[工学-计算机科学与技术(可授工学、理学学位)]
基 金:Project supported by the National High-Tech R&D Program(863)of China(No.2015AA015303) the National Natural Science Foundation of China(No.61272083)
主 题:Information flow analysis Business process execution language Petri net Interference
摘 要:Information leak,which can undermine the compliance of web-service-composition business processes for some policies,is one of the major concerns in web service *** present an automated and effective approach for the detection of implicit information leaks in business process execution language(BPEL)based on information flow *** introduce an adequate meta-model for BPEL representation based on a Petri net for transformation and *** on the concept of Petri net place-based noninterference,the core contribution of this paper is the application of a Petri net reachability graph to estimate Petri net interference and thereby to detect implicit information leaks in web service *** addition,a case study illustrates the application of the approach on a concrete workflow in BPEL notation.
维普期刊数据库
同方期刊数据库