Abstract
A method of decision making in security level estimation process of service-based applications in Future Internet architecture is proposed. We demonstrate how distributed services can be composed to form an application run within the Next Generation Network (NGN) infrastructure and their security level may be assessed. Our approach is illustrated by the experiments carried on exemplary application (virtual laboratory Online Lab, using Future Internet IPv6 QoS architecture), in which our method was evaluated against two types of attacks observed with the use of traffic anomaly detection methods.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
CERT (2009), http://www.cert.org (retrieved March 20, 2009)
Epstein, J., Matsumoto, S., McGraw, G.: Software security and SOA. IEEE Security and Privacy 4(1), 80–83 (2006)
Fernandez, E.B., Delessy, N.: Using patterns to understand and compare web services security products and standards (2006)
Kolaczek, G.: Opracowanie koncepcji specyfikacji metod i modeli szacowania poziomu bezpieczeństwa systemów SOA i SOKU, WUT (2009) (in polish)
Nakamura, Y., Tatsubori, M., Imamura, T., Ono, K.: Model-driven security based on web services security architecture. In: IEEE International Conference on Services Computing, vol. 1, pp. 7–15 (2005)
SANS Institute (2006), http://www.sans.org (retrieved March 20, 2009)
Skalka, C., Wang, X.: Trust by verify: Authorization for web services. Paper presented in ACM Workshop on Secure Web Services, pp. 47–55 (2004)
SOA Reference Model Technical Committee. A Reference Model for Service Oriented Architecture, OASIS (2006)
Steel, C., Nagappan, R., Lai, R.: Core security patterns: Best practices and strategies for J2EE, web services, and identity management. Pearson, Upper Saddle River (2006)
Tari, Z., Bertok, P., Simic, D.: A dynamic label checking approach for information flow control in web services. International Journal of Web Services Research 3(1), 1–28 (2006)
Kolaczek, G., Juszczyszyn, K.: Smart Security Assessment of Composed Web Services. Cybernetics and Systems 41(1), 46–61 (2010)
Jøsang, A.: A Logic for Uncertain Probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9(3), 279–311 (2001)
Jøsang, A.: A Metric for Trusted Systems. In: Proceedings of the 21st National Security Conference, NSA, pp. 68–77 (1998)
Jøsang, A.: Conditional Inference in Subjective Logic. In: The Proceedings of the 6th International Conference on Information Fusion, Cairns, pp. 279–311 (2003)
Anderson, S., Grau, A., Hughes, C.: Specification and satisfaction of SLAs in service oriented architectures. In: 5th Annual DIRC Research Conference, pp. 141–150 (2005)
Milanovic, N., Malek, M.: Current Solutions for Web Service Composition. IEEE Internet Computing 8(6), 51–59 (2004)
Frolund, S., Koisten, J.: QML: A language for quality of service specification (1998), http://www.hpl.hp.com/techreports/98/HPL-98-10.html
Charif, Y., Sabouret, N.: An Overview of Semantic Web Services Composition Approaches. Electronic Notes in Theoretical Computer Science 146, 33–41 (2006)
Salvador, S., Chan, P.: Learning states and rules for time-series anomaly detection. Tech. rep., 2008 CS–2003–05, Department of Computer Science, Florida Institute of Technology Melbourne (2003)
Weigend, A.S., Mangeas, M., Srivastava, A.N.: Nonlinear gated experts for time-series: Discovering regimes and avoiding overfitting. Int. J. Neural Syst. 6(4), 373–399 (1995)
Noguez, J., Sucar, L.E.: A Semi-open Learning Environment for Virtual Laboratories. In: Gelbukh, A., de Albornoz, Á., Terashima-Marín, H. (eds.) MICAI 2005. LNCS (LNAI), vol. 3789, pp. 1185–1194. Springer, Heidelberg (2005)
Pautasso, C., Bausch, W., Alonso, G.: Autonomic Computing for Virtual Laboratories. In: Kohlas, J., Meyer, B., Schiper, A. (eds.) Dependable Systems. LNCS, vol. 4028, pp. 211–230. Springer, Heidelberg (2006)
Juszczyszyn, K., Paprocki, M., Prusiewicz, A., Sieniawski, L.: Personalization and content awareness in online lab – virtual computational laboratory. In: Nguyen, N.T., Kim, C.-G., Janiak, A. (eds.) ACIIDS 2011, Part I. LNCS, vol. 6591, pp. 367–376. Springer, Heidelberg (2011)
Blake, S., et al.: An architecture for differentiated services. RFC2475 (1998)
Burakowski, W., et al.: The Future Internet Engineering Project in Poland: Goals and Achievements. In: Future Internet Poland Conference, Poznan, Poland (October 2011)
Mosharaf Kabir Chowdhury, N.M., Boutaba, R.: A survey of network virtualization. Computer Networks: The International Journal of Computer and Telecommunications Networking 54(5), 862–876 (2010)
Grzech, A., Rygielski, P., Świątek, P.: Translations of Service Level Agreement in Systems Based on Service-Oriented Architectures. Cyb. and Systems 41, 610–627 (2010)
ITU-T Rec. Y. Functional requirements and architecture of next generation networks (2012)
Tarasiuk, H., et al.: Provision of End-to-End QoS in Heterogeneous Multi-Domain Networks. Annals of Telecommunications 63(11) (2008)
Tarasiuk, H., et al.: Performance Evaluation of Signaling in the IP QoS System. Journal of Telecommunications and Information Technology 3, 12–20 (2011)
Rygielski, P., Tomczak, J.M.: Context Change Detection for Resource Allocation in Service-Oriented Systems. In: König, A., Dengel, A., Hinkelmann, K., Kise, K., Howlett, R.J., Jain, L.C. (eds.) KES 2011, Part II. LNCS, vol. 6882, pp. 591–600. Springer, Heidelberg (2011)
Rygielski, P., Świątek, P.: Graph-fold: an efficient method for complex service execution plan optimization. Systems Science 36(3), 25–32 (2010)
Świątek, P., Stelmach, P., Prusiewicz, A., Juszczyszyn, K.: Service composition in knowledge-based SOA systems. New Generation Computing 30(2/3), 165–188 (2012)
Świątek, P., Rygielski, P., Juszczyszyn, K., Grzech, A.: User assignment and movement prediction in wireless networks. Cybernetics and Systems 43(4), 340–353 (2012)
Świątek, P., Juszczyszyn, K., Brzostowski, K., Drapała, J., Grzech, A.: Supporting content, context and user awareness in Future Internet applications. In: Álvarez, F., et al. (eds.) FIA 2012. LNCS, vol. 7281, pp. 154–165. Springer, Heidelberg (2012)
Fraś, M., Grzech, A., Juszczyszyn, K., Kołaczek, G., Kwiatkowski, J., Prusiewicz, A., Sobecki, J., Świątek, P., Wasilewski, A.: Smart Work Workbench: Integrated tool for IT services planning, management, execution and evaluation. In: Jędrzejowicz, P., Nguyen, N.T., Hoang, K. (eds.) ICCCI 2011, Part I. LNCS, vol. 6922, pp. 557–571. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kołaczek, G., Juszczyszyn, K., Świątek, P., Grzech, A. (2014). Decision Making in Security Level Evaluation Process of Service-Based Applications in Future Internet Architecture. In: Swiątek, J., Grzech, A., Swiątek, P., Tomczak, J. (eds) Advances in Systems Science. Advances in Intelligent Systems and Computing, vol 240. Springer, Cham. https://doi.org/10.1007/978-3-319-01857-7_67
Download citation
DOI: https://doi.org/10.1007/978-3-319-01857-7_67
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-01856-0
Online ISBN: 978-3-319-01857-7
eBook Packages: EngineeringEngineering (R0)