Description
Submission date: 1 January 1900
Title: Sécurité par aspects pour architectures basées sur des services (Aspect-based security for service-based architectures)
Thesis supervisor: Yves ROUDIER (I3S)
Scientific field: Information and communication sciences and technologies
CNRS theme: not defined
Abstract:
1. Introduction
Service‐oriented architectures (SOAs) constitute a major architectural style for large‐scale infrastructures
and applications that are built from loosely coupled and well separated services and that are subject to
dynamic configuration, manipulation and evolution. SOAs today are the major structuring principle of a
multitude of commercial infrastructures and applications that rely on service composition, in particular
service orchestration, and that are frequently subject to evolution. They span a number of different
organizations, and may involve powerful servers as well as resource‐constrained devices (e.g., mobile
devices). Two types of cross‐boundary functionalities are essential to such compositions:
• Functionalities that span administrative domains, such as security domains that are governed by
different security policies, e.g., between warehouses and their clients.
• Functionalities that span different technological domains, e.g., service infrastructures for fully
featured service clusters as well as much more limited infrastructures supporting the mobile
devices used by clients to access services.
Like other compositional structuring mechanisms, SOAs suffer from the problem of crosscutting
functionalities, that is, functionalities that are scattered over and tangled with large parts of the architecture
and of the underlying implementation. Security functionalities, such as access control and monitoring for
intrusion detection, are prime examples of this problem: they cannot be properly modularized, that is,
defined as well-separated modules, especially when they must scale across administrative or technological
domains. Aspect-Oriented Software Development [Aks04] is an application-structuring method that addresses
the lack of modularization facilities for crosscutting functionalities in a systematic way.
The thesis will address this problem and contribute to the French ANR-funded project CESSA
("Compositional Evolutions of Secure Services with Aspects"). This project will enable the synthesis of
correct-by-construction SOA-based applications and will allow the formal analysis of security properties
of SOAs. It will also demonstrate that security aspects support secure horizontal composition (i.e., orchestration
and choreography of services) and vertical composition for Web Service- and OSGi-based SOAs.
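The following added example (not from the thesis or the CESSA project) illustrates the point made above: a security aspect, holding both access control and monitoring advice, is woven around the operations of a small constructed warehouse orchestration, so the business operations contain no security code at all. The service names, the policy table and the audit log are constructed for illustration; the weaver is a plain Python decorator, not the AO4BPEL or Padus mechanism.

```python
"""Constructed illustration of a crosscutting security aspect over a service orchestration."""
from functools import wraps
import fnmatch

# Monitoring advice appends one record per intercepted join point (constructed store).
AUDIT_LOG = []

# Constructed access-control policy: join-point pattern -> principals allowed to invoke it.
POLICY = {
    "warehouse.*": {"warehouse_admin", "partner_client"},
    "warehouse.restock": {"warehouse_admin"},
}

STOCK = {"widget": 10}  # constructed business state of the warehouse service


class AccessDenied(Exception):
    pass


def allowed(principal, joinpoint):
    """Default-deny decision; the most specific matching pattern (longest) wins."""
    matches = [p for p in POLICY if fnmatch.fnmatch(joinpoint, p)]
    if not matches:
        return False
    return principal in POLICY[max(matches, key=len)]


def security_aspect(joinpoint):
    """Around advice: audit every call, then allow or block before the operation runs."""
    def weave(op):
        @wraps(op)
        def advised(principal, *args, **kwargs):
            decision = "allow" if allowed(principal, joinpoint) else "deny"
            AUDIT_LOG.append((principal, joinpoint, decision))
            if decision == "deny":
                raise AccessDenied(f"{principal} -> {joinpoint}")
            return op(*args, **kwargs)
        return advised
    return weave


# The service operations carry only business logic; security is woven in from outside.
@security_aspect("warehouse.query_stock")
def query_stock(item):
    return STOCK.get(item, 0)


@security_aspect("warehouse.restock")
def restock(item, qty):
    STOCK[item] = STOCK.get(item, 0) + qty
    return STOCK[item]


def orchestrate_order(principal, item, qty):
    """A minimal orchestration composing the two services on behalf of one principal."""
    if query_stock(principal, item) < qty:
        restock(principal, item, qty - query_stock(principal, item))
    return query_stock(principal, item)
```

Changing the policy or the audit format touches only the aspect, which is the modularization benefit the text describes.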
2. State of the Art
This thesis aims at addressing the problem of evolving large-scale SOAs using aspects, in particular
with regard to their security models. Such SOAs involve traditional service compositions and refinements. The
following sections briefly discuss the scientific and industrial state of the art in these fields.
2.1. SOA
Service‐oriented architectures (SOAs) are considered as advanced component‐based architectures for
the construction of distributed systems. A service is a software application that can be located over a
network, and whose interfaces and bindings can be defined, described and discovered by using
standardized access means and formats. Services support direct interactions with other software agents
using message exchanges over the network via well‐defined protocols. Service computations are
composed to implement processes, whose specification is done using dedicated workflow languages.
Web Services are a concrete realization of a SOA that uses XML artifacts and Internet-based protocols
[WS04, WS05]. The Business Process Execution Language for Web Services (BPEL) [WS05, part VII] is a
de facto standard for expressing Web Service compositions. The difference between the SOA approach
and traditional approaches based on conventional middleware lies in the looser coupling between the
different parts of the specified distributed system. Another key difference is the use of standard and
uniform formats and protocols.
Many efforts have been devoted to the formalization of, and reasoning about, processes, as exemplified
by the proceedings of the international workshop 'Web Services and Formal Methods' [WSFM05-07].
More specifically, different formalisms have been applied to BPEL: Petri nets [BPEL-PN05], the Spin model
checker [SPIN04, WSAT04], and process algebras such as FSP ('Finite State Process') [FSP03] or CCS ('Calculus
of Communicating Systems') [CCS04].
In a SOA, there exist complex interactions among functional, management, and infrastructure interfaces.
Aspect-oriented approaches have been proposed to address this issue in the context of existing
orchestration services for SOAs (e.g., Padus [BVJ06] and AO4BPEL [CM07]). Similarly, the QoSL4BPEL
approach [BRL08] eases QoS management in service compositions through QoS constraints specified as
aspects, which result in modifications of the BPEL compositions.
2.2. Security
SOA-related security is a rather recent field of research. Security in SOA has previously been addressed
mainly from an application-only point of view,
Doctoral candidate: Serme Gabriel