Security in Service-Oriented Architecture

Future Trends ◽

Online Systems ◽

Pragmatic Analysis ◽

Service Oriented ◽

Web Services Security ◽

Soa Security ◽

This chapter covers the different facets of security as applicable to Service-Oriented Architecture (SOA) implementations. First, it examines the security equirements in SOA implementations, highlighting the differences as compared to the requirements of generic online systems. Later, it discusses the different solution mechanisms to address these requirements in SOA implementations. In the context of Web services, the predominant SOA implementation standards have a crucial role to play. This chapter critically examines the crucial Web services security standards in different stages of adoption and standardization. Later, this chapter examines the present-day common nonstandard security mechanisms of SOA implementations. Towards the end, it discusses the future trends in security for SOA implementations with special bearing on the role of standards. The authors believe that the pragmatic analysis of the multiple facets of security in SOA implementations provided here will serve as a guide for SOA security practitioners.

Security in Service-Oriented Architecture

Service-Oriented Software System Engineering ◽

10.4018/978-1-59140-426-2.ch014 ◽

2005 ◽

pp. 292-316 ◽

Cited By ~ 1

Author(s):

Srinivas Padmanabhuni ◽

Hemant Adarkar

Keyword(s):

Web Services ◽

Security Requirements ◽

Online Systems ◽

Pragmatic Analysis ◽

Service Oriented ◽

Web Services Security ◽

Soa Security ◽

This chapter covers the different facets of security as applicable to Service-Oriented Architecture (SOA) implementations. First, it examines the security requirements in SOA implementations, highlighting the differences as compared to the requirements of generic online systems. Later, it discusses the different solution mechanisms to address these requirements in SOA implementations. In the context of Web services, the predominant SOA implementation standards have a crucial role to play. This chapter critically examines the crucial Web services security standards in different stages of adoption and standardization. Later, this chapter examines the present-day common nonstandard security mechanisms of SOA implementations. Towards the end, it discusses the future trends in security for SOA implementations with special bearing on the role of standards. The authors believe that the pragmatic analysis of the multiple facets of security in SOA implementations provided here will serve as a guide for SOA security practitioners.

Developing Proactive Security Dimensions for SOA

Digital Identity and Access Management ◽

10.4018/978-1-61350-498-7.ch013 ◽

2011 ◽

pp. 254-276

Author(s):

Hany F. EL Yamany ◽

David S. Allison ◽

Miriam A.M. Capretz

Keyword(s):

Security Services ◽

Security Service ◽

Service Oriented ◽

Service Consumer ◽

Web Services Security ◽

Soa Security ◽

Security is one of the largest challenges facing the development of a Service-Oriented Architecture (SOA). This is due to the fact that SOA security is the responsibility of both the service consumer and service provider. In recent years, many solutions have been implemented, such as the Web Services Security Standards, including WS-Security and WS-SecurityPolicy. However, those standards are insufficient for the promising new generations of Web 2.0 applications. In this research, we describe an Intelligent SOA Security (ISOAS) framework and introduce four of its services: Authentication and Security Service (NSS), the Authorization Service (AS), the Privacy Service (PS) and the Service of Quality of Security Service (SQoSS). Furthermore, a case study is presented to examine the behavior of the described security services inside a market SOA environment.

Developing Proactive Security Dimensions for SOA

IT Policy and Ethics ◽

10.4018/978-1-4666-2919-6.ch041 ◽

2013 ◽

pp. 900-922

Author(s):

Hany F. EL Yamany ◽

David S. Allison ◽

Miriam A.M. Capretz

Keyword(s):

Security Services ◽

Security Service ◽

Service Oriented ◽

Service Consumer ◽

Web Services Security ◽

Soa Security ◽

Security is one of the largest challenges facing the development of a Service-Oriented Architecture (SOA). This is due to the fact that SOA security is the responsibility of both the service consumer and service provider. In recent years, many solutions have been implemented, such as the Web Services Security Standards, including WS-Security and WS-SecurityPolicy. However, those standards are insufficient for the promising new generations of Web 2.0 applications. In this research, we describe an Intelligent SOA Security (ISOAS) framework and introduce four of its services: Authentication and Security Service (NSS), the Authorization Service (AS), the Privacy Service (PS) and the Service of Quality of Security Service (SQoSS). Furthermore, a case study is presented to examine the behavior of the described security services inside a market SOA environment.

Advances in Business Information Systems and Analytics - Exploring Enterprise Service Bus in the Service-Oriented Architecture Paradigm ◽

A Role of Enterprise Service Bus in Building Web Services

10.4018/978-1-5225-2157-0.ch004 ◽

2017 ◽

pp. 46-58

Author(s):

Dinesh Sharma ◽

Devendra Kumar Mishra

Keyword(s):

Web Services ◽

Business Processes ◽

Enterprise Service Bus ◽

Fast Processing ◽

Service Oriented ◽

Open Standards ◽

Or Organization ◽

Services Use

Present is the era of fast processing industries or organization gives more emphasis for planning of business processes. This planning may differ from industry to industry. Service oriented architecture provides extensible and simple architecture for industry problem solutions. Web services are a standardized way for developing interoperable applications. Web services use open standards and protocols like http, xml and soap. This chapter provides a role of enterprise service bus in building web services.

Security in Service Oriented Architectures

Web Services Security Development and Architecture ◽

10.4018/978-1-60566-950-2.ch009 ◽

2010 ◽

pp. 187-211

Author(s):

Anne V.D.M. Kayem

Keyword(s):

Web Services ◽

Information Exchange ◽

Mitigation Strategies ◽

Security Architecture ◽

Security Model ◽

Service Oriented Architectures ◽

Security Standard ◽

Service Oriented ◽

Soa Security ◽

Service Oriented Architectures (SOAs) have become the defacto standard for defining interoperable architectures on the web with the most common implementation of this concept being in the form of web services. Information exchange is an integral part of SOAs, so designing effective security architectures that ensure data confidentiality and integrity is important. However, selecting a security standard for the architecture is challenging because existing solutions are geared toward access control in relatively static scenarios rather than dynamic scenarios where some form of adaptability is needed. Moreover, when services interact across different domains interoperability becomes a problem because of the lack a consistent security model to handle service interactions. This chapter presents a comparative analysis of SOA security standards. The authors discuss the challenges SOA security architecture designers face, in relation to an example travel agent web services scenario, and outline potential mitigation strategies.

Advances in Business Information Systems and Analytics - Exploring Enterprise Service Bus in the Service-Oriented Architecture Paradigm ◽

Challenges in Securing ESB Against Web Service Attacks

10.4018/978-1-5225-2157-0.ch006 ◽

2017 ◽

pp. 74-96 ◽

Cited By ~ 1

Author(s):

Rizwan Ur Rahman ◽

Divya Rishi Sahu ◽

Deepak Singh Tomar

Keyword(s):

Distributed Computing ◽

Web Services ◽

Web Service ◽

Service Research ◽

Internet Protocols ◽

Is Implementation ◽

Security Issues ◽

Service Oriented ◽

Web services and Service oriented architecture are innovative phase of distributed computing, build on top of the distributed computing models. Web services are being used mostly for the integration business components. One of the key concerns in web services and service oriented architecture is implementation of adequate security. Security issues in SOA are still probing and in spite of an increase in web service research and development, many security challenges remain unanswered. This chapter introduces the vulnerabilities, threats associated with web services and addresses WS-Security standards and countermeasures. Web service protocol is designed to provide connectivity. Not any of these standards of web services contain any inbuilt security aspect of their own. Web Services are exposed to attack from common Internet protocols and in addition to new categories of attacks targeting Web Services in particular. Consequently, the aim of this chapter is to provide review of security mechanism in web services.

Security in Service Oriented Architectures

Digital Rights Management ◽

10.4018/978-1-4666-2136-7.ch004 ◽

2013 ◽

pp. 50-73

Author(s):

Anne V.D.M. Kayem

Keyword(s):

Web Services ◽

Information Exchange ◽

Mitigation Strategies ◽

Security Architecture ◽

Security Model ◽

Service Oriented Architectures ◽

Security Standard ◽

Service Oriented ◽

Soa Security ◽

Service Oriented Architectures (SOAs) have become the defacto standard for defining interoperable architectures on the web with the most common implementation of this concept being in the form of web services. Information exchange is an integral part of SOAs, so designing effective security architectures that ensure data confidentiality and integrity is important. However, selecting a security standard for the architecture is challenging because existing solutions are geared toward access control in relatively static scenarios rather than dynamic scenarios where some form of adaptability is needed. Moreover, when services interact across different domains interoperability becomes a problem because of the lack a consistent security model to handle service interactions. This chapter presents a comparative analysis of SOA security standards. The authors discuss the challenges SOA security architecture designers face, in relation to an example travel agent web services scenario, and outline potential mitigation strategies.

Special interest tracks and posters of the 14th international conference on World Wide Web - WWW '05 ◽

Web services security configuration in a service-oriented architecture

10.1145/1062745.1062898 ◽

2005 ◽

Cited By ~ 2

Author(s):

Takeshi Imamura ◽

Michiaki Tatsubori ◽

Yuichi Nakamura ◽

Christopher Giblin

Keyword(s):

Web Services ◽

Service Oriented ◽

Web Services Security ◽

Security Configuration

An Integrated Security Framework for SOA

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.427-429.2151 ◽

2013 ◽

Vol 427-429 ◽

pp. 2151-2154

Author(s):

Ling Xia Liu ◽

Dong Xia Wang ◽

Min Huan Huang ◽

Rui Zhang

Keyword(s):

Three Dimensional ◽

Distributed Applications ◽

Point Of View ◽

Security Model ◽

Loosely Coupled ◽

Service Oriented ◽

Soa Security ◽

Security Standards ◽

Environment Service

In today's Web environment, Service Oriented Architecture (SOA) becomes an efficient paradigm to integrate distributed applications. Due to loosely coupled nature of SOA, security is one of the most important issues that must be considered in SOA-based environments. Most of the existing security solutions are proposed only from one certain point of view, and they are difficult to integrate together. In this paper, an integrated framework for SOA are proposed to provides an overall security solution, which contains a three-dimensional security model, a security architecture and related security standards.