Visible to the public Research of Secure Service Composition Based on Semantic Security Policy

TitleResearch of Secure Service Composition Based on Semantic Security Policy
Publication TypeConference Paper
Year of Publication2016
AuthorsZhengqiu, H., Fangxia, X., Wenfu, L., Rongmao, H., Zhongfu, X.
Conference Name2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
KeywordsCognition, Collaboration, definition method, Encryption, general security ontology, governance, Government, government policies, matching algorithm, Ontologies, ontologies (artificial intelligence), policy, policy-based governance, Protocols, pubcrawl, secure service composition, security of data, security policies, security policy, Semantic, semantic security policy, Semantics, service composition, subsumption, syntactic approaches, web services
Abstract

Expressing and matching the security policy of each participant accurately is the precondition to construct a secure service composition. Most schemes presently use syntactic approaches to represent and match the security policy for service composition process, which is prone to result in false negative because of lacking semantics. In this paper, a novel approach based on semantics is proposed to express and match the security policies in service composition. Through constructing a general security ontology, the definition method and matching algorithm of the semantic security policy for service composition are presented, and the matching problem of policy is translated into the subsumption reasoning problem of semantic concept. Both the theoretical analysis and experimental evaluation show that, the proposed approach can present the necessary semantic information in the representation of policy and effectively improve the accuracy of matching result, thus overcome the deficiency of the syntactic approaches, and can also simplify the definition and management of the policy at the same time, which thereby provides a more effective solution for building the secure service composition based on security policy.

URLhttps://ieeexplore.ieee.org/document/7917093/
DOI10.1109/iThings-GreenCom-CPSCom-SmartData.2016.65
Citation Keyzhengqiu_research_2016