Home // ICIW 2011, The Sixth International Conference on Internet and Web Applications and Services // View article

A View-based Approach for Service-Oriented Security Architecture Specification

Authors:
Aleksander Dikanski
Sebastian Abeck

Keywords: security architecture; security service-orientation; web service, security services

Abstract:
Developing secure software is still a software engineering challenge because of the complexity of software security. Yet integrating security engineering and software engineering is increasingly important, especially for service-oriented applications, as they are exposed to new security challenges due to their open nature. Current security engineering approaches do not consider existing security architectures, leading to redundant development of security artifacts. Further, present security architecture approaches do not provide relevant information to a security engineering process. Using a service-oriented and security architecture-centric approach for security engineering supports the development of secure service-oriented applications, as existing security solutions can be reused. In this paper, a model for service-oriented security architectures is presented, which provides apt information to different consumers, such as security engineering processes and business services, in the form of views to assist the consumers security goals. The architecture model is exemplified by specifying different views of a web service-based security architecture.

Pages: 207 to 213

Copyright: Copyright (c) IARIA, 2011

Publication date: March 20, 2011

Published in: conference

ISSN: 2308-3972

ISBN: 978-1-61208-124-3

Location: St. Maarten, The Netherlands Antilles

Dates: from March 20, 2011 to March 25, 2011