QoS aware descriptions for RESTful service composition: security domain

Cristian Sepulveda, Rosa Alarcon, Jesus Bellido

Research output: Contribution to journalArticlepeer-review

9 Scopus citations

Abstract

Current research on QoS aware service composition focuses on a WSDL/RPC service paradigm, characterized by a centralized, synchronous, and stateful approach. In this paper, we explore QoS aware RESTful services composition, which is characterized by a decentralized, stateless and hypermedia-driven environment. We focus particularly on the security domain since current security practices on the Web illustrate the differences between both the centralized, function-based approach and the decentralized, hypermedia and resource-based approach. We rely on ReLL (a REST service description) that can be processed by machine-clients in order to interact with RESTful services. Our approach identifies key security domain elements as an ontology. Elements serve to model hypermedia-based, decentralized security descriptions supporting simple and complex interaction such as protocols and callbacks. In this paper, we propose an extension to ReLL that considers security constraints (ReLL-S) and allows a machine-client to interact with secured resources, where security conditions may change dynamically. A case study illustrates our approach.

Original languageEnglish
Pages (from-to)767-794
Number of pages28
JournalWorld Wide Web
Volume18
Issue number4
DOIs
StatePublished - 27 Jul 2015
Externally publishedYes

Keywords

  • Choreographies
  • REST
  • Security
  • Service composition

Fingerprint

Dive into the research topics of 'QoS aware descriptions for RESTful service composition: security domain'. Together they form a unique fingerprint.

Cite this