Specification, integration and management of security in service-oriented software systems

The research proposed a novel approach to improve the alignment of high-level business requirements and system-level technical solution in the field of security for service-oriented systems. The framework proposed in the research enables security configurations to be automated during software development to reduce human efforts while improving the accuracy of the security settings. It also provided a mechanism for validating that a given third party or legacy software system can satisfy some prescribed security requirements. Finally, it developed a method to propagate and enforce security requirements dynamically across different organisational or system boundaries.