ABSTRACT
SOA enables the design of flexible and modular software applications that can be used in a cross-organization context. Unfortunately, those qualities have a negative impact on the security of the software application. In this paper, we provide an approach to build secure SOA applications that takes into account the new security issues introduced by the complexity of SOA-based applications. We build upon two different approaches to secure SOA applications: model-driven development and the use of security patterns.
- Delessy, N., Fernandez, E. B: Patterns for the eXtensible Access Control Markup Language. In: Proceedings of the 12th Pattern Languages of Programs Conference (PLoP2005), Monticello, Illinois, USA, 7--10 September 2005.Google Scholar
- Delessy, N., Fernandez, E. B., Larrondo-Petrie, Maria M.: A Pattern Language for Identity Management. In: International Multi-Conference on Computing in the Global Information Technology, 2007. ICCGI 2007. pp. 31--36. IEEE Press (2007) Google ScholarDigital Library
- Fernandez, E. B., Delessy, N. A. and Larrondo-Petrie, M. M. "Patterns for web services security", in "Best Practices and Methodologies in Service-Oriented Architectures", L. A. Skar and A. A. Bjerkestrand (Eds.), 29--39, part of OOPSLA 2006, the 21st Int. Conf. on Object-Oriented Programming, Systems, Languages, and Applications, Portland, OR, ACM, October 22--26.Google Scholar
- A pattern-driven security process for SOA applications
Recommendations
A Pattern-Driven Security Process for SOA Applications
ARES '08: Proceedings of the 2008 Third International Conference on Availability, Reliability and SecuritySOA enables the design of flexible and modular software applications that can be used in a crossorganization context. Unfortunately, those qualities have a negative impact on the security of the software application. In this paper, we investigate the ...
Modeling security for service oriented applications
ECSA '10: Proceedings of the Fourth European Conference on Software Architecture: Companion VolumeSecurity is an important quality attribute for Service Oriented Architecture (SOA) based system. However, there is no sufficient support for modelling security-centric concerns for SOA based application. This paper presents a metamodel called ...
Quality of Security Service for Web Services within SOA
SERVICES '09: Proceedings of the 2009 Congress on Services - IService-Oriented Architecture (SOA) is a paradigm for creating and encapsulating business processes in the form of loose-coupling, autonomous and abstracted services. Managing the non-functional requirements of SOA such as security, is an overarching ...
Comments