Swinburne
Browse

SOABSE: An approach to realizing business-oriented security requirements with web service security policies

Download (517.54 kB)
conference contribution
posted on 2024-07-09, 19:11 authored by Tan Phan, Jun HanJun Han, Ingo Mueller, Malinda Kapuruge, Steve Versteeg
A critical issue in developing Web Service-based business applications is the realization of business-level security requirements with system-level security mechanisms using the WS-* standards. Current practice has primarily relied on the engineer's experience and lacks consistency and methodological support. This paper introduces an approach to Web Services security engineering called SOABSE, which systematically models, designs and implements security for a WS-based application from a given set of business-oriented security requirements. It includes 1) a stepwise process that systematically transforms business-level security requirements into system-level WS-* security policies, and relies on 2) a security realization model that maps business-level security objectives to WS-* security realization mechanisms and 3) a security deployment model that sets out the security-oriented Web Service deployment information. A prototype tool supporting the approach is also introduced.

History

Available versions

PDF (Published version)

ISBN

9781424452996

Conference name

IEEE International Conference on Service-Oriented Computing and Applications, SOCA' 09

Pagination

9 pp

Publisher

IEEE

Copyright statement

Copyright © 2009 IEEE. The published version is reproduced in accordance with the copyright policy of the publisher. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

Language

eng

Usage metrics

    Publications

    Categories

    No categories selected

    Keywords

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC