Providing security for Web Service Composition using Finite State Machine

Abstract

The revolution impacted by Web Service as a solution to business and enterprise application integration throws light on the significance of security provided by Web Services during Web Service Composition. Satisfying the security requirements is truly a demanding task because of the dynamic and capricious nature of the Web. Web Service Composition associates web services to create high level business process that absolutely matches and conforms appropriately to the service requestor’s needs. It involves customizing services often by locating, assimilating and deploying elementary services. Our paper proposes a policy based system for granting security during the process of web service composition. Policies defined for effective and secure composition analyze and verify the conditions under which the task of the web service is allowed or rejected. To achieve this specification, we make use of Finite State Machine model which clearly portrays the business and flow logic. Nodes in the Finite State Machine represent rules. Upon efficacious fulfillment of policies which are defined in the node access points, transition between rules is stimulated. A service composition is said to be successfully incorporated only if there is complete absence of policy violations when combining the policies of elementary services. The simulated FSM which extracts the rules and policies of the web services and correctly matches and satisfies the policy constraints defined in the access points ensure providing security for the composite web service.