Open Access Proceedings Article

A View-based Approach for Service-Oriented Security Architecture Specification

TLDR
A model for service-oriented security architectures is presented, which provides apt information to different consumers in the form of views to assist the consumers' security goals and is exemplified by specifying different views of a web service-based security architecture.
Abstract
Developing secure software is still a software engineering challenge because of the complexity of software security. Yet integrating security engineering and software engineering is increasingly important, especially for service-oriented applications, as they are exposed to new security challenges due to their open nature. Current security engineering approaches do not consider existing security architectures, leading to redundant development of security artifacts. Further, present security architecture approaches do not provide relevant information to a security engineering process. Using a service-oriented and security architecture-centric approach for security engineering supports the development of secure service-oriented applications, as existing security solutions can be reused. In this paper, a model for service-oriented security architectures is presented, which provides apt information to different consumers, such as security engineering processes and business services, in the form of views to assist the consumers' security goals. The architecture model is exemplified by specifying different views of a web service-based security architecture.


Citations
Journal Article

An Analysis of Application Level Security in Service Oriented Architecture

TL;DR: The objective of this research is to provide a comprehensive analysis of various approaches used to provide application level security to the web services in SOA and critically evaluate different security methods used in SOA.
Proceedings Article

Towards a Reuse-oriented Security Engineering for Web-based Applications and Services

TL;DR: A framework for developing secure software systems is presented, which aims at incorporating and unifying existing security engineering approaches by applying well-established reuse-oriented software development paradigms, such as service-orientation.
Proceedings Article

Towards flexible and reusable saas for multi-tenancy to design, implement and bind multi-functional variability for Rich-Variant services

TL;DR: An approach is initiated that proposes a more flexible and reusable SaaS system for multi-tenancy, integrating functional variability using Rich-Variant Components with a deployment variability that lets customers choose which other tenants they do or do not want to share instances with.
Book Chapter

Security challenges and solutions for e-business

TL;DR: The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks and recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated.
References
Book

Service-Oriented Architecture: Concepts, Technology, and Design

Thomas Erl
TL;DR: Leading the way to the true service-oriented enterprise, Thomas Erl demystifies the complexities of the open WS-I standards with detailed practical discussions and case studies.
Book

Security Engineering: A Guide to Building Dependable Distributed Systems

TL;DR: In almost 600 pages of riveting detail, Ross Anderson warns us not to be seduced by the latest defensive technologies, never to underestimate human ingenuity, and always use common sense in defending valuables.
Book

Problem Frames: Analyzing and Structuring Software Development Problems

TL;DR: This book is a must-have for all IT professionals facing software development problems on a daily basis and will provide an essential, practical guide from the task of identifying the problem to making the descriptions needed to resolve it.
Book

Enterprise SOA: Service-Oriented Architecture Best Practices

TL;DR: This chapter discusses the evolution of the Service-Oriented Architecture and its applications in the Enterprise, as well as some of the challenges faced in implementing such an architecture.
Proceedings Article

Attributed based access control (ABAC) for Web services

TL;DR: The paper describes the ABAC model in terms of its authorization architecture and policy formulation, and makes a detailed comparison between ABAC and traditional role-based models, which clearly shows the advantages of ABAC.