Lapadula, Alessandro and Pugliese, Rosario and Tiezzi, Francesco
Regulating Data Exchange in Service Oriented Applications.
International Symposium on Fundamentals of Software Engineering (FSEN 2007).
Lecture Notes in Computer Science, 4767
Springer, pp. 223-239.
We define a type system for COWS, a formalism for specifying and combining services, while modelling their dynamic behaviour. Our types make it possible to express policies constraining data exchanges in terms of sets of service partner names attachable to each single datum. Service programmers explicitly write only the annotations necessary to specify the wanted policies for communicable data, while a type inference system (statically) derives the minimal additional annotations that ensure consistency of the services' initial configuration. Then, the language's dynamic semantics only performs very simple checks to authorize or block communication. We prove that the type system and the operational semantics are sound. As a consequence, we have the following data protection property: services always comply with the policies regulating the exchange of data among interacting services. We illustrate our approach through a simplified but realistic scenario for a service-based electronic marketplace.