Verifying the Consistency of Security Policies by Abstracting into Security Types

The Service-Oriented Architecture (SOA) makes application development easier, because applications can be built from existing services with a bottom-up methodology. However, it is difficult to determine if a desired new service can be built from existing services. Not only the functional consistency of the existing services, but also the consistency of their non-functional (such as security) aspects must be verified. Message protection is an aspect of security. Every service needs an appropriate security policy defining the protection of messages exchanged between the parties to the service. Because of the intricacy of the Web Services Security Policy Language, it is difficult to verify the consistency of the security policies.

We are developing a method to verify the consistency of security policies by abstracting them. Each security policy is abstracted, and then attached as a security type to the corresponding service in the application model. The security type denotes a security level for message protection. The security developer defines the possible abstraction methods. In this paper, we define the constraint of abstraction methods based on the semantics of the policy language. And also we state verifying the consistemcy of security types by using information flow analysis.

By: Kouichi Ono, Yuichi Nakamura, Fumiko Satoh, Takaaki Tateishi

Published in: RT0714 in 2007


This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.


Questions about this service can be mailed to .