We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in a distributed map processing scenario such that the policies constrain service interactions in the workflow according to the security requirements of each entity participating in the workflow.
|Number of pages||18|
|Publication status||Published - Sep 2008|
|Event||5th International Conference on Trust, Privacy and Security in Digital Business - Turin, Italy|
Duration: 4 Sep 2008 → 5 Sep 2008
|Conference||5th International Conference on Trust, Privacy and Security in Digital Business|
|Abbreviated title||TrustBus 2008|
|Period||4/09/08 → 5/09/08|