CFP last date
20 January 2025
Reseach Article

A Security Model and its Strategies for Web Services

by Mehdi Sabbari, Hadiseh Seyyed Alipour
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 36 - Number 10
Year of Publication: 2011
Authors: Mehdi Sabbari, Hadiseh Seyyed Alipour
10.5120/4543-6426

Mehdi Sabbari, Hadiseh Seyyed Alipour . A Security Model and its Strategies for Web Services. International Journal of Computer Applications. 36, 10 ( December 2011), 24-31. DOI=10.5120/4543-6426

@article{ 10.5120/4543-6426,
author = { Mehdi Sabbari, Hadiseh Seyyed Alipour },
title = { A Security Model and its Strategies for Web Services },
journal = { International Journal of Computer Applications },
issue_date = { December 2011 },
volume = { 36 },
number = { 10 },
month = { December },
year = { 2011 },
issn = { 0975-8887 },
pages = { 24-31 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume36/number10/4543-6426/ },
doi = { 10.5120/4543-6426 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:22:49.988966+05:30
%A Mehdi Sabbari
%A Hadiseh Seyyed Alipour
%T A Security Model and its Strategies for Web Services
%J International Journal of Computer Applications
%@ 0975-8887
%V 36
%N 10
%P 24-31
%D 2011
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Service Oriented Architecture (SOA) establishes an architectural model that aims to enhance the efficiency, agility, and productivity of an enterprise by positioning services as the primary means through which solution logic is represented in support of the realization of strategic goals associated with service-oriented computing. Web services seem to become the preferred implementation technology for realizing the SOA promise of maximum service sharing, reuse, and interoperability. However, one of the big stumbling blocks in executing SOA is security. This article addresses security in SOA with understand which security requirements and proposed conceptual security reference model for SOA with techniques and industry standards are right for web services.

References
  1. Erl, T. 2007 SOA: Principles of Service Design. Prentice Hall/Pearson PTR.
  2. Wang, j., Yu, A., Zhang, X. and Qu, L. 2009 A Dynamic Data Integration Model Based on SOA. In: 2009 ISECS International Colloquium on Computing, Communication, Control, and Management, pp. 196-199,In IEEE.
  3. Karp, A. H. and Li, j. 2010 Solving the Transitive Access Problem for the Services Oriented Architecture. IEEE International Conference on Availability, Reliability and Security, DOI 10.1109/ARES.
  4. Papazoglou, M. P. and Van Den Heuvel, W. 2007 Service oriented architectures: approaches, technologies and research issues. Springer-Verlag, pp. 389-415.
  5. Eckert, J., Bachhuber, M., Miede, A., Pasageorgiou, A. and Steinmetz, R. 2010 Service-oriented Architectures in the German Banking Industry-A Multi-Participant Case Study. In: 4th IEEE International Conference on Digital Ecosystems and Technologies (IEEE DEST 2010).
  6. Hafner, M., and Breu, R. 2009 Security Engineering for Service-Oriented Architectures. Springer.
  7. Jonnaganti, V. 2009 An Integrated Security Model for the Management of SOA- Improving the attractiveness of SOA Environments through a strong Architectural Integrity. Master Thesis, University of Gothenburg Department of Applied Information Technology Gothenburg, Sweden.
  8. Fiere, J. 2007 SOA Security. Master Thesis, Faculty of Science Vrije Universiteit Amsterdam.
  9. Jana, D., Chaudhuri, A. and Bhaumik, B. 2009 Privacy and Anonymity Protection in Computational Grid Services. International Journal of Computer Science and Applications, Vol, 6, No, 1, pp. 98-107.
  10. Kanneganti, R. and Chodavarapu, P. A. 2008 SOA Security. Manning.
  11. Singhal, A., Winograd, T. and Scarfone, K. 2007 Guide to Secure Web Services. NIST Special Publication.
  12. Yuan, E. and Tong, J. 2005 Attributed Based Access Control (ABAC) for Web Services. IEEE International Conference on Web Services (ICWS’05).
  13. Janssen, J. 2008 Identity management within an organization. Master Thesis, Radbound University Nijmegen.
  14. Hung Le, X., Lee, S., Lee, Y., Lee, H., Khalid, M. and Sankar, R. 2010 Activity-oriented access control to ubiquitous hospital information and services. Elsevier, pp. 2979-2990.
  15. Chanliau, M. 2006 Web Services Security: What’s Required To Secure A Service-Oriented Architecture. An Oracle White Paper.
  16. S.Sandhu, R. and et al. 1996 Role-Based Access Control Models. IEEE Computer, pp. 38-47.
  17. Salomon, D. 2006 Foundations of Computer Security. Springer-Verlag London Limited.
  18. Moses, T. and et al. 2005 eXtensible Access Control Markup Language(XACML) Version 2.0. OASIS Standard.
  19. Al-Kofahi, M., Chang, A. and E.Daniels, T. 2008 SCWIM An Integrity for SOA Networks. IEEE International Conference on Web Services, pp. 675-682.
  20. J.Pajevski, M. 2004 A Security Model for Service Oriented Architectures. Distributed Systems Technologies Group, Retrieved from NASA Web site: http://www.oasisopen.org/committees/download.php/17573/06-04-00008.000.pdf.
  21. Mcconnell, J.M. 1994 NSTISS : National Security Telecommunications and Information Systems Security. Rep. No 4011. Retrieved from www.cnss.gov/Assets/pdf/nstissi_4011.pdf.
Index Terms

Computer Science
Information Sciences

Keywords

Service Oriented Architecture (SOA) Security requirements Reference model Web Services Security Standards