
Research On Key Security Techniques Of Web Service Composition

Posted on: 2014-07-17
Degree: Doctor
Type: Dissertation
Country: China
Candidate: B Yu
GTID: 1108330479479526
Subject: Computer Science and Technology
Abstract/Summary:
With the development of Web service technology, people increasingly depend on composite services to accomplish complex tasks. Service composition is a key technology of Service Oriented Computing and a core technology of Service Oriented Architecture. Because it makes dynamic and complex business applications convenient to construct, solves the "with the need to change" problem of application systems, and enables reuse of applications and software, service composition has become a new paradigm for developing distributed application systems. Service composition can expand the application fields of services, enhance the application value of resources and services, and play an important role in system integration areas such as e-commerce, enterprise applications and military applications.

However, security is an important factor hindering the development of composite service applications. Currently, there is no comprehensive architecture, technology or mechanism for the security protection of composite services. Given features such as collaboration, cross-domain resource sharing and business processes, protecting composite services requires considering security requirements from the aspects of collaborative authorization, information flow control and policy management. Research on access control and policy management mechanisms based on the security requirements and features of composite services therefore has important theoretical significance and practical value.

This thesis focuses on the difficulty of establishing a security architecture for composite services, the difficulty of achieving collaborative authorization and information flow control for composite services, and the insufficiency of existing policy management technology for cross-domain business processes. It aims to provide collaborative access control and policy management for service composition. To that end, the thesis researches the key security issues of composite services deeply and comprehensively, including the collaborative authorization mechanism, the information flow control mechanism and policy management technology. The main contributions of the work are as follows:

(1) Propose the security architecture of composite service applications. Based on the main characteristics of composite services, including collaboration, cross-domain resource sharing and business processes, we first analyze the security requirements of composite services and propose a security view in terms of the collaborative authorization mechanism, the information flow control mechanism and business process policy management. Second, we propose the security architecture of composite services, design the access control framework and policy management framework of composite services, and introduce the key security technologies of composite services, so as to clarify the key issues to study.

(2) Design the collaborative authorization mechanism of composite services. Based on the proposed access control framework, we propose a conversation-context-based distributed access control mechanism according to the characteristics of collaboration and business processes. In this mechanism, we define the notion of conversation context and the state transition model of conversation context, and design the context RBAC authorization mechanism for cross-domain role mapping. The analysis results show that the proposed mechanism can support fine-grained, dynamic distributed authorization.

(3) Propose the label-based information flow control mechanism. According to the features of business processes and cross-domain resource sharing, we propose an improved information flow control protocol based on the existing protocol SCIFC in the service chain model, and then extend the protocol to support information flow control of composite services with complex structure. After that, we analyze the security features, scalability and performance of the protocol. Compared with existing approaches, both the theoretical analysis and the experimental results show that the protocol is suitable for information flow control in composite services with complex structure and has acceptable and reasonable communication overhead and performance overhead.

(4) Propose a semantic-based security policy matching approach for service composition. According to the security policy requirements of service composition, we define the ontology of web service security and security policy, design the matching rules between security requirements and security capabilities, and propose a rule-based matching engine. We also present the implementation architecture of the engine. The experimental results show that the proposed mechanism can support semantic-based inference and is suitable for real applications.

(5) Propose the dynamic verification approach for authorization constraints in composite services. According to the security requirements of dynamic authorization verification, we define the model of Petri-net-based business processes and authorization constraints. Based on the composability and reachability of Petri nets, we propose an authorization constraint net model to verify authorization constraints. This model can describe dynamic authorization features and dynamically verify the authorization constraints. The thesis defines the authorization constraint net formally, describes how to analyze the root cause of an authorization constraint violation, and presents an example of authorization constraint verification.

(6) Propose the modeling and evaluation approach for composite service performance. Based on the proposed access control framework and technologies, we first analyze the feasibility of constructing a performance model of composite service access control based on the QBD process, then define the related parameters for evaluating performance, present the QBD-based access control performance model, and quantify the influence of the related parameters. The simulation results indicate that the maximum request rate and the average queue length can reflect the stable state of the access control system of composite services, and that the service time ratio of security contexts, the service rate of security components, the collaboration rate and the ratio of carry-along policy can impact that stable state. In brief, the proposed performance model can reflect the interrelationship of the parameters in a composite service access control system and predict the stable state of composite services.
Keywords/Search Tags:service composition, access control, policy management, security context, information flow control, security policy matching, authorization constraint modeling, authorization constraint verification, performance evaluation