Security Models for Web Services

Another security concern for composite Web services is information flow. That is, when Web services are composed, it is critical that there be no information flow from a high level to a low level. Our research focuses on various aspects of Web services security, including the delegation models and information flows for Web service composition. Therefore, in this chapter, we will provide an overview of our research in Web services security. This research is being carried out by Wei She, I-Ling Yen, Bhavani Thuraisingham, and Elisa Bertino. In particular, we summarize the

work we have reported in our recent papers [SHE07], [SHE08], [SHE09]. The organization of this chapter is as follows. In Section 13.2, we will present our delegation model for Web services. In Section 13.3, we will describe our information flow in service composition. Multilevel security for Web services is discussed in Section 13.4. Section 13.5 concludes the chapter. Figure 13.1 illustrates security models for Web services.