During interactions between organizations in the field of service-oriented architecture, some security
requirements may change and new security policies addressed. Security requirements and capabilities of
Web services are defined as security policies. The purpose of this paper is reconciliation of dynamic
security policies and to explore the possibility of requirements of the new defined security policies.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
A hierarchical account aided reputation management system for mane tsLogicMindtech Nologies
NS2 Projects for M. Tech, NS2 Projects in Vijayanagar, NS2 Projects in Bangalore, M. Tech Projects in Vijayanagar, M. Tech Projects in Bangalore, NS2 IEEE projects in Bangalore, IEEE 2015 NS2 Projects, WSN and MANET Projects, WSN and MANET Projects in Bangalore, WSN and MANET Projects in Vijayangar
PUBLIC INTEGRIYT AUDITING FOR SHARED DYNAMIC DATA STORAGE UNDER ONTIME GENERA...paperpublications3
Abstract: Nowadays verifying the result of the remote computation plays a crucial role in addressing in issue of trust. The outsourced data collection comes for multiple data sources to diagnose the originator of errors by allotting each data sources a unique secrete key which requires the inner product conformation to be performed under any two parties different keys. The proposed methods outperform AISM technique to minimize the running time. The multi-key setting is given different secrete keys, multiple data sources can be upload their data streams along with their respective verifiable homomorphic tag. The AISM consist of three novel join techniques depending on the ADS availability: (i) Authenticated Indexed Sort Merge Join (AISM), which utilizes a single ADS on the join attribute, (ii) Authenticated Index Merge Join (AIM) that requires an ADS (on the join attribute) for both relations, and (iii) Authenticated Sort Merge Join (ASM), which does not rely on any ADS. The client should allow choosing any portion in the data streams for queries. The communication between the client and server is independent of input size. The inner product evaluation can be performed by any two sources and the result can be verified by using the particular tag.
Keywords: Computation of outsourcing, Data Stream, Multiple Key, Homomorphic encryption.
Title: PUBLIC INTEGRIYT AUDITING FOR SHARED DYNAMIC DATA STORAGE UNDER ONTIME GENERATED MULTIPLE KEYS
Author: C. NISHA MALAR, M. S. BONSHIA BINU
ISSN 2350-1049
International Journal of Recent Research in Interdisciplinary Sciences (IJRRIS)
Paper Publications
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
A hierarchical account aided reputation management system for mane tsLogicMindtech Nologies
NS2 Projects for M. Tech, NS2 Projects in Vijayanagar, NS2 Projects in Bangalore, M. Tech Projects in Vijayanagar, M. Tech Projects in Bangalore, NS2 IEEE projects in Bangalore, IEEE 2015 NS2 Projects, WSN and MANET Projects, WSN and MANET Projects in Bangalore, WSN and MANET Projects in Vijayangar
PUBLIC INTEGRIYT AUDITING FOR SHARED DYNAMIC DATA STORAGE UNDER ONTIME GENERA...paperpublications3
Abstract: Nowadays verifying the result of the remote computation plays a crucial role in addressing in issue of trust. The outsourced data collection comes for multiple data sources to diagnose the originator of errors by allotting each data sources a unique secrete key which requires the inner product conformation to be performed under any two parties different keys. The proposed methods outperform AISM technique to minimize the running time. The multi-key setting is given different secrete keys, multiple data sources can be upload their data streams along with their respective verifiable homomorphic tag. The AISM consist of three novel join techniques depending on the ADS availability: (i) Authenticated Indexed Sort Merge Join (AISM), which utilizes a single ADS on the join attribute, (ii) Authenticated Index Merge Join (AIM) that requires an ADS (on the join attribute) for both relations, and (iii) Authenticated Sort Merge Join (ASM), which does not rely on any ADS. The client should allow choosing any portion in the data streams for queries. The communication between the client and server is independent of input size. The inner product evaluation can be performed by any two sources and the result can be verified by using the particular tag.
Keywords: Computation of outsourcing, Data Stream, Multiple Key, Homomorphic encryption.
Title: PUBLIC INTEGRIYT AUDITING FOR SHARED DYNAMIC DATA STORAGE UNDER ONTIME GENERATED MULTIPLE KEYS
Author: C. NISHA MALAR, M. S. BONSHIA BINU
ISSN 2350-1049
International Journal of Recent Research in Interdisciplinary Sciences (IJRRIS)
Paper Publications
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
A statistical data fusion technique in virtual data integration environmentIJDKP
Data fusion in the virtual data integration environment starts after detecting and clustering duplicated
records from the different integrated data sources. It refers to the process of selecting or fusing attribute
values from the clustered duplicates into a single record representing the real world object. In this paper, a
statistical technique for data fusion is introduced based on some probabilistic scores from both data
sources and clustered duplicates
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
ASPECTUAL PATTERNS FOR WEB SERVICES ADAPTATIONijwscjournal
The security policies of an application can change at runtime for some reasons such as the changes on the user preferences, the performance reasons or the negotiation of security levels between the interacting parties. If these security policies are embedded in the services, their modifications require to modify the services, stop and deploy new version. Aspect oriented paradigm provides the possibility to define separated components that is named aspect. In this paper, in order to fulfill security requirements, we will classify required changes of services and for each classifications, how aspects injection will be described. Finally, we will present a pattern for each aspect of each classification.
ASPECTUAL PATTERNS FOR WEB SERVICES ADAPTATIONijwscjournal
The security policies of an application can change at runtime for some reasons such as the changes on the
user preferences, the performance reasons or the negotiation of security levels between the interacting
parties. If these security policies are embedded in the services, their modifications require to modify the
services, stop and deploy new version. Aspect oriented paradigm provides the possibility to define
separated components that is named aspect. In this paper, in order to fulfill security requirements, we will
classify required changes of services and for each classifications, how aspects injection will be described.
Finally, we will present a pattern for each aspect of each classification.
ADAPTIVE MODEL FOR WEB SERVICE RECOMMENDATIONijwscjournal
The Competition between different Web Service Providers to enhance their services and to increase the
users' usage of their provided services raises the idea of our research. Our research is focusing on
increasing the number of services that User or Developer will use. We proposed a web service’s
recommendation model by applying the data mining techniques like Apriori algorithm to suggest another
web service beside the one he got from the discovery process based on the user’s History.
ADAPTIVE MODEL FOR WEB SERVICE RECOMMENDATIONijwscjournal
The Competition between different Web Service Providers to enhance their services and to increase the users' usage of their provided services raises the idea of our research. Our research is focusing on increasing the number of services that User or Developer will use. We proposed a web service’s recommendation model by applying the data mining techniques like Apriori algorithm to suggest another web service beside the one he got from the discovery process based on the user’s History. For implementing our model, we used a curated source for web services and users, which also contains a complete information about users and their web services usage. We found a BioCatalogue: our proposed
model was tested on a Curated Web Service Registry (BioCatalogue).and 70 % of users chose services from services that recommended by our model besides the discovered ones by BioCatalogue.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A Formal Framework for SAAS Customization Based on Multi-Layered Architecture...CSCJournals
As the rapid increment on the number of software systems and its�s user, the complexity to manage the software systems is not very easy. Software as a service (SaaS) provides only user required software services in form of web - mostly based on the vendor developed/maintained model, which creates the new challenges for the software customers (tenants).
In this paper, we purpose a multi-layered architecture of SAAS framework, customized by both vendors and tenants - with the help of process algebra. Moreover, the architecture will be able to offer an extant vendor model of SAAS as well as tenant based precise self-customization services system, while all the processes are present in an algebraic form.
Finally, we show the efficiency and effectiveness of our architecture via process algebra, which we believe is a well-designed and non-existing architecture of the SAAS customization framework.
We provide project guidance for final year MTech, BTech, MSc, MCA, ME, BE, BSc, BCA & Diploma students in Electronics, Computer Science, Information Technology, Instrumentation, Electrical & Electronics, Power electronics, Mechanical, Automobile etc. We provide live project assistance and will make the students involve throughout the project. We specialize in Matlab, VLSI, CST, JAVA, .NET, ANDROID, PHP, NS2, EMBEDDED, ARDUINO, ARM, DSP, etc based areas. We research in Image processing, Signal Processing, Wireless communication, Cloud computing, Data mining, Networking, Artificial Intelligence and several other areas. We provide complete support in project completion, documentation and other works related to project.Success is a lousy teacher. It seduces smart people into thinking they can't lose.we have better knowledge in this field and updated with new innovative technologies.
Call me at: 9037291113.
This IBM specification extends the policy subject attachment semantics as defined in WS-PolicyAttachment v1.5 framework. It provides standardization across Policy Enforcement and Policy Administration platforms for describing policies that should be applied to specific consumers of a service. The specification defines a new policy subject domain (MessageContent) that defines policy attachment filtering based on the content of messages (which complements the use of web services attachment semantics, such as WSDL 1.1 Element Identifers). WebSphere DataPower provides support for this specification starting with release 5.0. http://ibm.co/11KJTd
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
A statistical data fusion technique in virtual data integration environmentIJDKP
Data fusion in the virtual data integration environment starts after detecting and clustering duplicated
records from the different integrated data sources. It refers to the process of selecting or fusing attribute
values from the clustered duplicates into a single record representing the real world object. In this paper, a
statistical technique for data fusion is introduced based on some probabilistic scores from both data
sources and clustered duplicates
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
ASPECTUAL PATTERNS FOR WEB SERVICES ADAPTATIONijwscjournal
The security policies of an application can change at runtime for some reasons such as the changes on the user preferences, the performance reasons or the negotiation of security levels between the interacting parties. If these security policies are embedded in the services, their modifications require to modify the services, stop and deploy new version. Aspect oriented paradigm provides the possibility to define separated components that is named aspect. In this paper, in order to fulfill security requirements, we will classify required changes of services and for each classifications, how aspects injection will be described. Finally, we will present a pattern for each aspect of each classification.
ASPECTUAL PATTERNS FOR WEB SERVICES ADAPTATIONijwscjournal
The security policies of an application can change at runtime for some reasons such as the changes on the
user preferences, the performance reasons or the negotiation of security levels between the interacting
parties. If these security policies are embedded in the services, their modifications require to modify the
services, stop and deploy new version. Aspect oriented paradigm provides the possibility to define
separated components that is named aspect. In this paper, in order to fulfill security requirements, we will
classify required changes of services and for each classifications, how aspects injection will be described.
Finally, we will present a pattern for each aspect of each classification.
ADAPTIVE MODEL FOR WEB SERVICE RECOMMENDATIONijwscjournal
The Competition between different Web Service Providers to enhance their services and to increase the
users' usage of their provided services raises the idea of our research. Our research is focusing on
increasing the number of services that User or Developer will use. We proposed a web service’s
recommendation model by applying the data mining techniques like Apriori algorithm to suggest another
web service beside the one he got from the discovery process based on the user’s History.
ADAPTIVE MODEL FOR WEB SERVICE RECOMMENDATIONijwscjournal
The Competition between different Web Service Providers to enhance their services and to increase the users' usage of their provided services raises the idea of our research. Our research is focusing on increasing the number of services that User or Developer will use. We proposed a web service’s recommendation model by applying the data mining techniques like Apriori algorithm to suggest another web service beside the one he got from the discovery process based on the user’s History. For implementing our model, we used a curated source for web services and users, which also contains a complete information about users and their web services usage. We found a BioCatalogue: our proposed
model was tested on a Curated Web Service Registry (BioCatalogue).and 70 % of users chose services from services that recommended by our model besides the discovered ones by BioCatalogue.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A Formal Framework for SAAS Customization Based on Multi-Layered Architecture...CSCJournals
As the rapid increment on the number of software systems and its�s user, the complexity to manage the software systems is not very easy. Software as a service (SaaS) provides only user required software services in form of web - mostly based on the vendor developed/maintained model, which creates the new challenges for the software customers (tenants).
In this paper, we purpose a multi-layered architecture of SAAS framework, customized by both vendors and tenants - with the help of process algebra. Moreover, the architecture will be able to offer an extant vendor model of SAAS as well as tenant based precise self-customization services system, while all the processes are present in an algebraic form.
Finally, we show the efficiency and effectiveness of our architecture via process algebra, which we believe is a well-designed and non-existing architecture of the SAAS customization framework.
We provide project guidance for final year MTech, BTech, MSc, MCA, ME, BE, BSc, BCA & Diploma students in Electronics, Computer Science, Information Technology, Instrumentation, Electrical & Electronics, Power electronics, Mechanical, Automobile etc. We provide live project assistance and will make the students involve throughout the project. We specialize in Matlab, VLSI, CST, JAVA, .NET, ANDROID, PHP, NS2, EMBEDDED, ARDUINO, ARM, DSP, etc based areas. We research in Image processing, Signal Processing, Wireless communication, Cloud computing, Data mining, Networking, Artificial Intelligence and several other areas. We provide complete support in project completion, documentation and other works related to project.Success is a lousy teacher. It seduces smart people into thinking they can't lose.we have better knowledge in this field and updated with new innovative technologies.
Call me at: 9037291113.
This IBM specification extends the policy subject attachment semantics as defined in WS-PolicyAttachment v1.5 framework. It provides standardization across Policy Enforcement and Policy Administration platforms for describing policies that should be applied to specific consumers of a service. The specification defines a new policy subject domain (MessageContent) that defines policy attachment filtering based on the content of messages (which complements the use of web services attachment semantics, such as WSDL 1.1 Element Identifers). WebSphere DataPower provides support for this specification starting with release 5.0. http://ibm.co/11KJTd
This Object Management Group (OMG) RFP solicits submissions identifying and defining mechanisms to achieve integration between DDS infrastructures and TSN networks. The goal is to provide all artifacts needed to support the design, deployment and execution of DDS systems over TSN networks.
The DDS-TSN integration specification sought shall realize the following functionality:
● Define mechanisms that provide the information required for TSN-enabled networks to calculate any network schedules needed to deploy a DDS system.
OMG RFP
● Identify those parts of the set of the IEEE TSN standards that are relevant for a DDS-TSN integration and indicate how the DDS aspects are mapped onto, or related to, the associated TSN aspects. Examples include TSN- standardized information models for calculating system-wide schedules and configuring network equipment.
● Identify and specify necessary extensions to the [DDSI-RTPS] and [DDS- SECURITY] specifications, if any, to allow DDS infrastructures to use TSN- enabled networks as their transport while maintaining interoperability between different DDS implementations.
● Identify and specify necessary extensions to the DDS and DDS- XML specification, if any, to allow declaration of TSN-specific properties or quality of service attributes.
Automatic Management of Wireless Sensor Networks through Cloud Computingyousef emami
With the faster adoption of wireless sensor networks (WSNs),on the one hand sensor-derived data need to be accessed via various Web-based social networks or virtual communities and on the other hand, limited processing ability of WSNs is a hurdle. To address this issue WSNs can be integrated with cloud. Cloud enjoys ample processing ability andis a capable infrastructure to deliver people-centric and context-aware services to users, thus expedites adoption of WSNs.In this paper anovel framework based on policy based network management is proposed to integrate WSNs with cloud, aimstoautomate and simplifies WSN’smanagement tasks.
MODEL-DRIVEN SECURITY ASSESSMENT AND VERIFICATION FOR BUSINESS SERVICES ijwscjournal
Information security covers many areas within an enterprise. Each area has security vulnerabilities and, hopefully, some corresponding countermeasures that raise the security level and
provide better protection. The fundamental concepts in information security are the security model, which outlines how security is to be implemented. A security policy outlines how data is accessed, what level of security is required, and what actions should be taken when these requirements are not met. A security model is a statement that outlines the requirements necessary to properly support and implement a certain security policy. An important concept in the design and analysis of secure systems is the security model, because it incorporates the security policy that should be enforced in the system. A model is a symbolic representation of a policy. It maps the desires of the policy makers into a set of rules that are to be followed by a computer system. In the paper we propose a model driven security assessment and verification for business service. The Security Assessment and Verification verifies whether the Application and Services are secure based on the Service Level Agreement and generates the report on the level of security features. It is designed to help business owners, operators and staff to assess the security of their business. It covers potential areas of vulnerability, and provides suggestions for adapting your security to reduce the risk of crime against your business. A security policy states that no one from a lower security level should be able to view or modify information at a higher security level, the supporting security model will outline the necessary logic and rules that need to be implemented to
ensure that under no circumstances can a lower-level subject access a higher-level object in an unauthorized manner. The security policy is an abstract term that represents the objectives and goals a system must meet and accomplish to be deemed secure and acceptable.
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
1. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
DOI : 10.5121/ijwsc.2014.5401 1
NEGOTIATION ON A NEW POLICY IN SERVICE
Fereshteh Bayat and Afshin Salajegheh and Yousef Rastegari
.
M.S. Graduate of Software Engineering,Azad University South Branch,tehran,Iran
Ph.D Assistant Professor of Software Engineering and Computer Science
IAU Tehran South Branch,Tehran,Iran
Ph.D. Candidate of Shahid Beheshti University, Electrical & Computer Engineering
Department, Tehran, Iran
ABSTRACT
During interactions between organizations in the field of service-oriented architecture, some security
requirements may change and new security policies addressed. Security requirements and capabilities of
Web services are defined as security policies. The purpose of this paper is reconciliation of dynamic
security policies and to explore the possibility of requirements of the new defined security policies.
During the process of applying the defined dynamic policy, is checked whether the service provider can
accept the new policy or not. Therefore, the compatibility between existing policies and new defined
policies are checked, and because the available algorithms for sharing between the two policies, resulted in
duplication and contradictory assertion, in this paper for providing a compromise between the provided
policy and the new policy, the fuzzy inference method mamdany is used . and by comparing the security
level of proposed policy with the specified functionality, the negotiating procedure is done . The difference
between the work done in this paper and previous works is in fuzzy calculation and conclusion for
negotiations. the advantages of thi work is that policies are defined dynamically and applied to bpel , also
can be changed independently of bpel file.
KEYWORDS
Policy,Policy Attachment,Negotiation
1. INTRODUCTION
In general, to determine which web service is appropriate for a specific application, functional
capabilities should be adapt able with functional requirements and also non-functional capabilities
in Web service should meet non-functional requirements. Consumer and provider of Web
services, define their requirements and security policies as XML files named ws-policy. WS-
policy provides a basic structure to describe a wide range of requirements and capabilities of Web
services. In this paper, the changes are security changes and while applying new policies to
processes , check whether the service provider will be accept the new policy or not.
In part 2, the structure of policies is defined. In part 3, the framework will be described and check
the ability to dynamically negotiate on new policy. If the negotiation success , the new policy
will be dynamically applied. The fuzzy tools of Matlab is used for implementation of proposed
method. Section four presents the conclusions and suggestions for future deals.
2. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
2
2. WS-POLICY STRUCTURE
WS-Policy (Web Service Policy) is used to describe the quality of service. WS- Policy, is a
general-purpose model for describing Web service policies, which including blocks to exchange
their policies. WS-Policy defines a policy as a set of alternative which each alternative is a set of
assertions. indeed assertions describe requirements and functionalities of the Web service.
The main structure of a policy in the normal form is as follows:
<wsp:Policy … >
<wsp:ExactlyOne>
( <wsp:All> ( <Assertion …> … </Assertion> )* </wsp:All> )*
</wsp:ExactlyOne>
</wsp:Policy>
Listing 1 : normal ws-policy structure
The following example represents the normal form of a policy:
(01) <wsp:Policy
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" >
(02) <wsp:ExactlyOne>
(03) <wsp:All>
(04) <sp:Basic256Rsa15 />
(05) </wsp:All>
(06) <wsp:All>
(07) <sp:TripleDesRsa15 />
(08) </wsp:All>
(09) </wsp:ExactlyOne>
(10) </wsp:Policy>
Listing 2 : ws-policy example
3. PROBLEM PLAN
In order to provide security during data exchange between the services, should service providers
and requester agree on their capabilities and requirements. The WS-Policy does not offer a
negotiated solution over the web service policies. During interactions between organizations,
some Web Service security requirements may be changed and the new security policy is defined.
In order to dynamically attach policies to bpel and negotiate on the proposed policy, outlined
framework in section 4 is provided.
4 . PROPOSED FRAMEWORK
To attach new policy to BPEL externally and negotiate on policies, outlined framework in Figure
1 is provided. The proposed policy is attached on the two input files and how to attach is
reflected. Before the change of policy attachment file, a lock is set on policy file to prevent
changes during policy attachment process. Then policies and activities that policies be attached to
are identified and a mapping between the scope's activities and the new corresponding policy is
created. In order to link a defined external policy with BPEL activities, WS-Policy Attachment
structure is used . Attached files are XML files containing “Applies to” element and, “selector”;
3. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
3
the child element. The selector is, an XPATH expression to select an activity within bpel scope. It
also contains another element called PolicyReference which includes a reference to a policy. For
example, the proposed policy by the name “ATM_new_Policy” . apply to “createTicket” activity
as follows:
Listing 3 : policy attachment
And content of the new policy of ATM_new_Policy are:
Listing 3 :
policy
Listing 3 :
policy
Listing 4 ATM_new_Policy
Figure 1 : proposed framework for new policy attachment and negotiation
<wsp:PolicyAttachment
xmlns:wsp=”http://schemas.xmlsoap.org/ws/policy/”
xmlns:bpel=”http://schemas.xmlsoap.org/ws/business−process/”>
<wsp:AppliesTo>
<bpat:selector>
//bpel:scope[@name=”TicketCreationUnit”]//bpel:invoke[@operation=”createTicket”]
</bpat:selector>
</wsp:AppliesTo>
<wsp:PolicyReference
URI=” http://schemas.xmlsoap.org/ws/securitypolicy./ATM_new_Policy”/>
</wsp:PolicyAttachment>
<wsp:Policy
Xmlns:wsu = “http://schemas.xmlsoap.org/ws/securitypolicy”
Wsu:Id=”ATM_new_Policy”>
<wsp:ExactlyOne>
<wsp:All>
<sp:AlgorithmSuite>
<sp:Basic256/>
</sp:AlgorithmSuite>
<sp: AuthenticationToken>
<sp:UsernameToken/>
</sp: AuthenticationToken >
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
4. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
4
Figure 1 : proposed framework for new policy attachment and negotiation
We will describe Figure 1 at below:
Analyze: when it turns to perform an bpel activity within the particular bpel scope, searching
begins in the mapping file,to determine whether new policy for proposed activitiy is defined or
not. If the policy is not defined, bpel engine is notified to continue its work. If the new policy is
defined, then it is surveyed that the proposed policy is new to attach to the activity or is already
applied.
Renegotiate: In this part, fuzzy calculations are done for all alternatives in the proposed policy.
If the security level for at least one alternative is supported by provider, negotiation will be done,
if not ,another supplier is reselect.
Fuzzy Unit: in order to negotiate for accepting the new policy, the degree of provided security
by the new policy is calculated according to the fuzzy calculations and then compared with
provider's capabilities.
Table 1 : Algorithm_Suite
Table 1 : Algorithm_Suite
Assigned_number
AlgorithmSuite
16Basic256
15Basic192
14Basic128
13TipleDes
12Basic256Rsa15
11Basic192Rsa15
10Basic128Rsa15
9TripleDesRsa15
8Basic256Sha256
5. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
5
7Basic192Sha256
6Basic128Sha256
5TripleDesSha256
4Basic256Sha256Rsa15
3Basic192Sha256Rsa15
2Basic128Sha256Rsa15
1TripleDesSha256Rsa15
0No-algorithm
Table 2 : AuthenticationToken
Assigned_numberAthenticationToken
9X509Token
8KerberosToken
7SamlToken
6RelToken
5SecureConversationToken
4SecurityContextToken
3SpnegoContextToken
2IssuedToken
1UsernameToken
0No-algorithm
Table 1 represents a sequence of algorithms and the sequence of tokens are described in Table 2.
Algorithm Suite and Authentication Token are assertion types of policy. The left column of table
1 is from the strongest to the weakest algorithm and the left column of table2 is from the strongest
to the weakest authentication token . For example TripleDesSha256Rsa15 and Username Token
are the weakest .[4] For each input variable Algorithm Suite, Authentication Token and security
output variable, fuzzy sets are defined in accordance with membership functions in Figures 2, 3
and 4.
Figure 2 : algorithmSuite membership function
Figure 3 : authenticationToken membership function
6. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
6
Figure 4 :security membership function
Based on fuzzy calculation steps and defined fuzzy rules, output fuzzy calculation, for the
proposed ATM_new_Policy would be accordance with Figure 5.
Figure 5 : Fuzzy Mamdani method output in Matlab
The final step is to calculate a value corresponding to the security level which is the center of
gravity for the aggregsted area in figure 5. In the example above, as can be seen in Figure 2
Calculated security level is equal to 60. In accordance to obtained number = 60, and the provider
capability for the security policy is defined between 60 and 70, then negotiation will be
performed. In fact, the fuzzy calculations for all new policy alternatives is done and if at least the
security level of one alternative is supported by provider, the negotiation will be done but if the
calculated security level of none of the alternatives is not included in the capability range of
provider, then another provider will be selected.
Enforce policy: After doing the above steps, bpel engine attachment file corresponding to input
attachment file will be modified and during the execution of the corresponding activity in bpel,
the proposed policy will apply. Input attachment will be unlocked to be accessible for future
changes.
5. CONCLUSIONS
WS-policy is used to specify the security features of web services .
In this paper a framework is proposed to attach a new policy to bpel activitiy dynamically and
negotiate between requester and provider . Among the advantages that can point for the proposed
framework , is that external attachment of policies to bpel distinct the business process logic from
describtion of quality of service . The policies and BPEL files can be changed independently of
each other. In addition, the policies can be changed at runtime. It also reduces the complexity of
BPEL processes,increase maintainability and changability of bpel processes.
7. International Journal on Web Service Computing (IJWSC), Vol.5, No.4, December 2014
7
REFERENCES
[1] S.Bajaj,D.Box,F.Chappell “Web Service Policy 1.2 - Framework (WS-Policy) , W3C Member
Submission 25 April 2006
[2] G.Della-Libera,M.Gudgin “Web Services Security Policy Language (WS-SecurityPolicy)”
,IBM,Microsoft,RSA,Verisign, July 2005
[3] A.Charfi,R.Khalaf,N.Mukhi “QOS-aware web service composition using non-intrusive policy
attachment to bpel”,Springer ,pp.582-593 , 2007
[4] T.Lavarack,M.Coetzee “Considering web services security policy compatibility” , IEEE Information
Security for South Africa (ISSA) , august 2010
[5] A.Strunk,S.Reichert,A.Schill “An Infrastructure for supporting Rebinding in BPEL Processes”,IEEE
Enterprise Distributed Object Computing Conference Workshops , pp.230-237,Sept.2009
[6] M.Negnevitsky “Artificial Intelligence: A Guide to Intelligent Systems” , Pearson Education , 2009