Towards a secure service coordination

This paper presents an approach for building secure service-based coordinated systems. Secure coordination is considered at two levels: abstraction (i.e., specification) and execution (i.e., run level). At the abstraction level, we define a general model enabling to specify coordination and its related non functional properties (such as security). The idea is to use constraints for expressing the application logic of a coordinated system and its required security strategies. Coordination activities are the key concepts used for controlling the execution of participating services. Constraints are specified as pre and post conditions of these coordination activities. At the execution level, we propose an architecture which implements strategies to verify constraints and manage the secure execution of coordination. We propose also an instantiating vade-mecum to configure execution level components according to a specific set of constraints.