Title: SOA security policy validation and authoring
Other Titles: SOA Policy Validation and Authoring
Language: English
Authors: Prennschütz-Schützenau, Stefan 
Qualification level: Diploma
Advisor: Dustdar, Schahram 
Assisting Advisor: Leitner, Philipp
Issue Date: 2010
Number of Pages: 125
Qualification level: Diploma
A novel policy authoring Method that utilizes Schematron to validate abstract policy defintions against operational policy instances is examined. In a concrete case study, conformance of both (dynamic) WS-Security-augmented SOAP message exchanges and (static) WS-SecurityPolicy policies against WS-I's Basic Security Profile is assessed, by analyzing the results of the Schematron Validation Pipeline. An outline of how the approach can leveraged to express other macro-level security requirements - apart form "WS-I Conformance" - in form of an abstract schema(tron) constraints on policies is given, such as the way messages are to be secured or what algorithms are required.
The presentation concludes with a summation of experiments conducted and lessions for SOA practioners.
Keywords: SOA; Policy; WS-Security; WS-SecurityPolicy; Schematron; Validation; Best-practice
SOA; Policy; WS-Security; WS-SecurityPolicy; Schematron; Validation; Best-practice
URI: https://resolver.obvsg.at/urn:nbn:at:at-ubtuw:1-42209
Library ID: AC07810119
Organisation: E184 - Institut für Informationssysteme 
Publication Type: Thesis
Appears in Collections:Thesis

Files in this item:

Show full item record

Page view(s)

checked on May 21, 2021


checked on May 21, 2021

Google ScholarTM


Items in reposiTUm are protected by copyright, with all rights reserved, unless otherwise indicated.