Service Contracts: Beyond Trust in Service Oriented Architectures


Service-Oriented Architecture (SOA) has been considered the most promising paradigm of the last few years for delivering functionality and enabling business cooperation. In SOA, the traditional vision of security aims to preserve properties such as availability, authenticity and confidentiality by protecting the web service itself. In such an approach, however, the particularities of human interaction, that is, the behaviors of the service stakeholders, have until now been handled on the basis of trust alone. In this article, we present an approach based on machine-readable contracts and evidence for improving traditional web-service-centered security. We also discuss the usefulness of this approach in the context of semi-automatic auditing and risk management.

In 34ème Congrès INFORSID (INFORSID'2016-SSI) → Sécurité des systèmes d’information: technologies et personnes
Grenoble, France, May 31 to June 3, 2016

Keywords

contract, evidences, model, service, SOA, trust

Manuel Munier
Associate Professor (Maître de Conférences HC) in Computer Science

My research activities concern information security, risk management, and law & digital technology.

