Towards Automated Risk Identification in Service-Oriented Architectures

نویسنده

  • Lutz Lowis
چکیده

IT risk management is an important challenge for businesses and software vulnerabilities are a major source of IT risks, as the 2006 CSI/FBI Computer Crime and Security Survey [GLLR06] demonstrates. According to the survey, many companies consider it important to quantify the losses attacks against their IT systems cause but are unable to do so. In service-oriented architectures, we see a promising option of identifying the risk impact a software vulnerability has on the confidentiality, integrity, and availability of business processes. Instead of performing this identification manually, which is a time-consuming task, we present an approach of identifying the risk impact in a highly automated manner, and report on our ongoing work in this area.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Dynamic Adaptive Service Architecture - Towards Coordinated Service Composition

With software services becoming a strategic capability for the software sector, software architecture needs to address integration problems to help services to collaborate and coordinate their activities. The increasing need to address dynamic and automated changes can be answered by a service coordination architecture with event-based collaboration that enables dynamic and adaptive architectur...

متن کامل

Towards Construction of Situational Methods for Service Identification

The service-oriented paradigm plays an increasingly significant role in designing and governing IT architectures in organizations. The identification of services belongs to the most important parts of the service management lifecycle and is essential for the successful implementation of service-oriented architectures (SOA). However, existing methods for service identification mostly ignore situ...

متن کامل

Adapted Loss Database - A New Approach to Assess IT Risk in Automated Business Processes

Service-oriented architectures (SOA) provide companies with dynamic IT infrastructures to adapt business processes flexibly to new requirements. However, the success of SOA will also depend on the ability to manage risk resulting from frequent and context-specific changes of IT support for automated business processes. Assessing this IT risk is challenging, since frequently changing relations b...

متن کامل

A Reference Architecture for Automation of Inter-Organizational Process-Oriented Collaboration

In today’s competitive, dynamic, and changing business environment, being able to collaborate globally within and beyond the enterprise borders is critical. Inter-Organizational Collaborations (IOCs) have been proposed as a response to the characteristics of highly competitive global business environments. So far, a number of reference models, frameworks, and ad hoc architectures related to som...

متن کامل

Towards a Services-Based Process Platform

Service oriented software architectures that are aware of business processes will form the core of operational IT landscapes in the future. This contribution starts with an introduction of the state of the art in service oriented architectures. A concrete case study identifies central requirements that are not satisfied by these architectures so far. The authors argue that semantically rich des...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008