Security and Access Control Representation for Generating Valid Composite Polices
B Murganantham,  GS Anurag Rao
The web services contain atomic and composite services, the composite service able to invoke other composite or atomic service. The problem here is while composite service invokes other services, the policy agreements and type of security used should be matched with the invoked web services. As a result there will inconsistency among the web services and also there will be lack of message protection policy. To solve this problem, developers have to define policy of composite service by hand by referring to the policies of the invoked web services in the composite services. However it is hard very hard to complete a policy composition without any inconsistencies, because the process definition and security policies are complex and it is not clear how to compose policies to maintain consistency. So a proper policy composition engine which can eradicate the inconsistency between web services is needed. Hence in this project, a policy composition engine which is able to verify the polices between web services that has different type of access control policy and message protection policy compared to composite web service is proposed. The policy composition engine adjusts the policy of composite services based on web services invoked. Meanwhile a revised composite policy might have redundant requirements. In order to avoid this problem, the redundant representations are merged or removed in a supervised manner that examines the definitions of all implemented services.
Keywords- Web service, Atomic web service, Composite Web service, Security policy
Cite this Article
B Murganantham,  GS Anurag Rao,   "Security and Access Control Representation for Generating Valid Composite Polices"
, International Journal of Engineering Development and Research (IJEDR), ISSN:2321-9939, Volume.2, Issue 2, pp.2196-2200, June 2014, Available at :http://www.ijedr.org/papers/IJEDR1402147.pdf