Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery
نویسندگان
چکیده
Current trends in performing business-to-business transactions and enterprise application integration have been extended to the use of web service. With web services being accepted and deployed in both research and industrial areas, the security related issues become important. Web services security has attracted the attention of researchers in the area of security due to the proven fact that most attacks to businesses and organizations exploit web service vulnerabilities. The main goal of this research is to achieve security concept of the web service can be summarized to this single value. In this paper, we evaluate common security patterns with respect to the STRIDE model of attacks by examining the attacks performed in different web services system. In order to evaluate security we introduce a new measure for the computation of a security rating of web service based on STRIDE test case model such that the security concept of the system can be summarized to single value. The overall severity for the risk that can expressed in measurable way.
منابع مشابه
Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery
Current trends in performing business-to-business transactions and enterprise application integration have been extended to the use of web service. With web services being accepted and deployed in both research and industrial areas, the security related issues become important. Web services security has attracted the attention of researchers in the area of security due to the proven fact that m...
متن کاملBuilding Trust for Web Services Security Patterns
Security is a very important aspect for web service technology. Many people find the idea of creating security metrics to be a daunting task. Secure web service discovery aims at finding the best component services that satisfy the end-to-end security requirements between service consumer and service provider. The term "metrics or criteria" refers to specific objectives that have defined securi...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملMatchmaking for Semantic Web Services with Constraints on Process Models
-. Service discovery is part of the service-oriented architectural model and supported by any of the realising technologies including Web Services. This paper presents an agent-based system for discovering semantic Web Services whose behaviour is described by OWL-S process model. Rules can be set to constrain service processes, and criteria for considering matching between a service process and...
متن کاملکشف سرویسهای ابری در زبان فارسی از طریق تکامل هستانشناسی
Abstract The cloud computing is undoubtedly a great achievement of the computer networks. In this environment, various services have been provided but users should take the trouble to find the services they need. Although researchers have tried to solve the needs of users to information on the web, their studies enjoy strengths and weaknesses and there is no comprehensive system for the disc...
متن کامل