IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

Policy-Based Security Engineering of Service Oriented Systems

Policy-Based Security Engineering of Service Oriented Systems
View Sample PDF
Author(s): Antonio Maña (University of Málaga, Spain), Gimena Pujol (University of Málaga, Spain)and Antonio Muñoz (University of Málaga, Spain)
 Copyright: 2010
 Pages: 15
 Source title: Electronic Services: Concepts, Methodologies, Tools and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
 DOI: 10.4018/978-1-61520-967-5.ch025

Purchase

View Policy-Based Security Engineering of Service Oriented Systems on the publisher's website for pricing and purchasing information.

Abstract

In this chapter the authors present a policy-based security engineering process for service oriented applications, developed in the SERENITY and MISTICO projects. Security and dependability (S&D) are considered as first-class citizens in the proposed engineering process, which is based on the precise description of reusable security and dependability solutions. The authors’ process is based on the concept of S&D Pattern as the means to capture the specialized knowledge of security engineers and to make it available for automated processing, both in the development process (the focus of this chapter) and later at runtime. In particular, in this chapter they focus on the verification of the compliance with security policies, based on the formal specification of S&D Properties. The main advantages of the approach presented in this chapter are precisely that it allows us to define high-level policies and to verify that a secure oriented system complies with such policy (developed following the SERENITY approach). They also describe the application of the proposed approach to the verification of S&D properties in the web services (WS) environment. Concretely, the authors describe the use of SERENITY framework to facilitate the development of applications that use standard security mechanisms (such WS-Security, WS-Policy, WS-Security Policy, etc) and to ensure the correct application of these standard mechanisms, based on predefined policies. Finally, they show how to verify that the application complies with one or several S&D policies.

Related Content

Azeem Khan, Noor Zaman Jhanjhi, Dayang Hajah Tiawa Binti Awang Haji Hamid, Haji Abdul Hafidz bin Haji Omar. © 2024. 30 pages.
Siva Raja Sindiramutty, Chong Eng Tan, Sei Ping Lau, Rajan Thangaveloo, Abdalla Hassan Gharib, Amaranadha Reddy Manchuri, Navid Ali Khan, Wee Jing Tee, Lalitha Muniandy. © 2024. 67 pages.
Ruchi Doshi, Kamal Kant Hiran. © 2024. 16 pages.
N. Ambika. © 2024. 9 pages.
Siva Raja Sindiramutty, Wee Jing Tee, Sumathi Balakrishnan, Sukhminder Kaur, Rajan Thangaveloo, Husin Jazri, Navid Ali Khan, Abdalla Gharib, Amaranadha Reddy Manchuri. © 2024. 54 pages.
Azeem Khan, NZ Jhanjhi, Dayang Hajah Tiawa Binti Awang Haji Hamid, Haji Abdul Hafidz bin Haji Omar. © 2024. 22 pages.
Azeem Khan, Noor Zaman Jhanjhi, Dayang Hajah Tiawa Binti Awang Haji Hamid, Haji Abdul Hafidz bin Haji Omar. © 2024. 36 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2024, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.