Guarding Sensitive Information Streams through the Jungle of Composite Web Services

Salt Lake City, Utah, USA July 09-July 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.93

IEEE International Conference on Web ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Jinpeng Wei Articles by Lenin Singaravelu Articles by Calton Pu

	ASCII Text	x
	Jinpeng Wei, Lenin Singaravelu, Calton Pu, "Guarding Sensitive Information Streams through the Jungle of Composite Web Services," Web Services, IEEE International Conference on, pp. 455-462, IEEE International Conference on Web Services (ICWS 2007), 2007.

	BibTex	x
	@article{ 10.1109/ICWS.2007.93, author = {Jinpeng Wei and Lenin Singaravelu and Calton Pu}, title = {Guarding Sensitive Information Streams through the Jungle of Composite Web Services}, journal ={Web Services, IEEE International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2924-0}, pages = {455-462}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.93}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Web Services, IEEE International Conference on TI - Guarding Sensitive Information Streams through the Jungle of Composite Web Services SN - 0-7695-2924-0 SP455 EP462 A1 - Jinpeng Wei, A1 - Lenin Singaravelu, A1 - Calton Pu, PY - 2007 KW - null VL - 0 JA - Web Services, IEEE International Conference on ER -

Jinpeng Wei, Georgia Institute of Technology, Atlanta, GA, USA

Lenin Singaravelu, Georgia Institute of Technology, Atlanta, GA, USA

Calton Pu, Georgia Institute of Technology, Atlanta, GA, USA

Complex and dynamic web service compositions may introduce unpredictable and unintentional sharing of security-sensitive data (e.g., credit card numbers) as well as unexpected vulnerabilities that cause information leak. This paper describes a fine-grain access policy specification of security-sensitive data items for each component web service. We propose the SFGuard architecture to enforce these access policies at component web services. A prototype implementation of SF-Guard (on Apache Axis2) and its evaluation show that effective protection of security-sensitive information can be achieved at low overhead (a few percent addition to response time) while preserving the functionality of flexible web service composition.

Citation:

Jinpeng Wei, Lenin Singaravelu, Calton Pu, "Guarding Sensitive Information Streams through the Jungle of Composite Web Services," icws, pp.455-462, IEEE International Conference on Web Services (ICWS 2007), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.