Managing Impacts of Security Protocol Changes in Service-Oriented Applications

Minneapolis, Minnesota May 20-May 26

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICSE.2007.49

29th International Conference on Soft ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Halvard Skogsrud Articles by Boualem Benatallah Articles by Fabio Casati Articles by Farouk Toumani

	ASCII Text	x
	Halvard Skogsrud, Boualem Benatallah, Fabio Casati, Farouk Toumani, "Managing Impacts of Security Protocol Changes in Service-Oriented Applications," Software Engineering, International Conference on, pp. 468-477, 29th International Conference on Software Engineering (ICSE'07), 2007.

	BibTex	x
	@article{ 10.1109/ICSE.2007.49, author = {Halvard Skogsrud and Boualem Benatallah and Fabio Casati and Farouk Toumani}, title = {Managing Impacts of Security Protocol Changes in Service-Oriented Applications}, journal ={Software Engineering, International Conference on}, volume = {0}, year = {2007}, issn = {0270-5257}, pages = {468-477}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICSE.2007.49}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Software Engineering, International Conference on TI - Managing Impacts of Security Protocol Changes in Service-Oriented Applications SN - 0270-5257 SP468 EP477 A1 - Halvard Skogsrud, A1 - Boualem Benatallah, A1 - Fabio Casati, A1 - Farouk Toumani, PY - 2007 KW - null VL - 0 JA - Software Engineering, International Conference on ER -

Halvard Skogsrud, ThoughtWorks Australia

Boualem Benatallah, University of New South Wales, Australia

Fabio Casati, University of Trento, Italy

Farouk Toumani, LIMOS, ISIMA, France

We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using our framework, the consequences of changing the protocol that applies to ongoing trust negotiations can be automatically determined. We have also implemented a database-backed GUI tool to manage the change process as an extension of an existing system, and we have performed experiments to test the efficiency of our management software. Our experimental results show that the techniques proposed can scale to applications with tens of thousands of simultaneous users even on commodity PCs.

Citation:

Halvard Skogsrud, Boualem Benatallah, Fabio Casati, Farouk Toumani, "Managing Impacts of Security Protocol Changes in Service-Oriented Applications," icse, pp.468-477, 29th International Conference on Software Engineering (ICSE'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.