Abstract
The diffusion of service-based and cloud-based systems has created a scenario where software is often made available as services, offered as commodities over corporate networks or the global net. This scenario supports the definition of business processes as composite services, which are implemented via either static or runtime composition of offerings provided by different suppliers. Fast and accurate evaluation of services’ security properties then becomes a fundamental requirement and is nowadays part of the software development process. In this article, we show how the verification of security properties of composite services can be handled by test-based security certification and built to be effective and efficient in dynamic composition scenarios. Our approach builds on existing security certification schemes for monolithic services and extends them towards service compositions. It virtually certifies composite services, starting from certificates awarded to the component services. We describe three heuristic algorithms for generating runtime test-based evidence that the composite service holds the properties. These algorithms are compared with the corresponding exhaustive algorithm to evaluate their quality and performance. We also evaluate the proposed approach in a real-world industrial scenario, which considers the ENGpay online payment system of Engineering Ingegneria Informatica S.p.A. The industrial evaluation demonstrates the utility and generality of the proposed approach by showing how certification results can be used as a basis to establish compliance with the Payment Card Industry Data Security Standard.
Test-Based Security Certification of Composite Services