Doctoral research project number: 3023


Submission date: 1 January 1900
Title: Aspect-based security for service-based architectures
Thesis supervisor: Yves ROUDIER (I3S)
Scientific field: Information and communication sciences and technologies
CNRS theme: Not defined

Abstract:

1. Introduction

Service-oriented architectures (SOAs) constitute a major architectural style for large-scale infrastructures and applications that are built from loosely coupled and well separated services and that are subject to dynamic configuration, manipulation and evolution. SOAs today are the major structuring principle of a multitude of commercial infrastructures and applications that rely on service composition, in particular service orchestration, and that are frequently subject to evolution. They span a number of different organizations, and may involve powerful servers as well as resource-constrained devices (e.g., mobile devices). Two types of cross-boundary functionalities are essential to such compositions:

• Functionalities that span administrative domains, such as security domains that are governed by different security policies, e.g., between warehouses and their clients.
• Functionalities that span different technological domains, e.g., service infrastructures for fully featured service clusters as well as much more limited infrastructures supporting the mobile devices used by clients to access services.

Similarly to other compositional structuring mechanisms, SOAs are subject to the problem of crosscutting functionalities, that is, functionalities that are scattered and tangled over large parts of the architecture and of the underlying implementation. Security functionalities, such as access control and monitoring for intrusion detection, are prime examples of functionalities with this problem: they cannot be properly modularized, that is, defined as well-separated modules, especially if they should scale across administrative or technological domains. Aspect-Oriented Software Development [Aks04] is an application-structuring method that addresses, in a systemic way, the lack of modularization facilities for crosscutting functionalities.

The thesis will address this problem and contribute to the French-funded ANR project CESSA ("Compositional Evolutions of Secure Services with Aspects"). This project will enable the synthesis of correct-by-construction SOA-based applications and will allow the formal analysis of security properties of SOAs. It will also demonstrate that security aspects support the secure horizontal (i.e., orchestration and choreography of services) and vertical composition for Web Service and OSGi based SOAs.

2. State of the Art

This thesis aims at addressing the problem of evolving large-scale SOAs based on aspects, in particular regarding their security models. Such SOAs involve traditional service compositions and refinements. The following sections briefly discuss the scientific and industrial state of the art of these different fields.

2.1. SOA

Service-oriented architectures (SOAs) are considered advanced component-based architectures for the construction of distributed systems. A service is a software application that can be located over a network, and whose interfaces and bindings can be defined, described and discovered using standardized access means and formats. Services support direct interactions with other software agents using message exchanges over the network via well-defined protocols. Service computations are composed to implement processes, whose specification is done using dedicated workflow languages. Web Services are a concrete realization of a SOA that uses XML artifacts and Internet-based protocols [WS04, WS05]. The Business Process Execution Language for Web Services (BPEL) [WS05, part VII] is a de facto standard for expressing Web Service compositions. The difference between the SOA approach and traditional approaches using conventional middleware lies in the looser coupling between the different parts of the distributed system specified. Another key difference is the use of standard and uniform formats and protocols.

Many efforts have been devoted to the formalization of processes and to reasoning about them, as exemplified by the proceedings of the international workshop 'Web Services and Formal Methods' [WSFM05-07]. More specifically, different formalisms have been applied to BPEL: Petri nets [BPEL-PN05], Spin, a model checker [SPIN04, WSAT04], process algebras, like FSP ('Finite State Process') [FSP03], or CCS ('Calculus of Communicating Systems') [CCS04], for example. In a SOA, there exist complex interactions among functional, management, and infrastructure interfaces. Aspect orientation approaches have been proposed to solve this issue in the context of existing orchestration services for SOAs (e.g., Padus [BVJ06] and AO4BPEL [CM07]). Similarly, the QoSL4BPEL approach [BRL08] eases QoS management in service compositions by the specification of QoS constraints defined using aspects that result in the modification of BPEL compositions.

2.2. Security

SOA-related security is a rather recent field of research. Security in SOA has previously been addressed mainly from an application-only point of view,

Doctoral student: Serme Gabriel