Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery

Current trends in performing business-to-business transactions and enterprise application integration have been extended to the use of web service. With web services being accepted and deployed in both research and industrial areas, the security related issues become important. Web services security has attracted the attention of researchers in the area of security due to the proven fact that most attacks to businesses and organizations exploit web service vulnerabilities. The main goal of this research is to achieve security concept of the web service can be summarized to this single value. In this paper, we evaluate common security patterns with respect to the STRIDE model of attacks by examining the attacks performed in different web services system. In order to evaluate security we introduce a new measure for the computation of a security rating of web service based on STRIDE test case model such that the security concept of the system can be summarized to single value. The overall severity for the risk that can expressed in measurable way.