Abstract
Neither provider nor user are willing to use Web services (WSs) technologies in sensitive domains without some measure of security. The users, on one hand, want to guard their personal information against unauthorized parties. While, the providers, on the other hand, wish to hide their trade secrets and internal know-how. In our previous works, we suggested the use of the Symbolic Observation Graph (SOG) as means to abstract WSs and verify their opacity. Opacity, being a formal security property, seeks to ensure the absence of secret leakage to unwanted parties. Thus, it is able to tell both parties (user and provider) if their chosen WS is secure (opaque) or not. This dichotomous (Yes/No) assertion, however, does not offer a measure of how opaque the service is. In this paper, we propose a novel opacity quantification approach that gives an opacity degree for the SOG abstraction of a Web service. This opacity degree will act as metric allowing users to choose more opaque (secure) services, while making it possible for providers to improve their WS designs for higher opacity degrees.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
