An Ontology for Run-Time Verification of Security Certificates for SOA

Author

D´Agostini, S. ; Di Giacomo, Valeria ; Pandolfo, C. ; Presenza, Domenico

Author_Institution

R&D Lab, Eng. Ing. Inf. SpA, Rome, Italy

fYear

2012

Firstpage

525

Lastpage

533

Abstract

Software systems are often certified to guarantee they satisfy particular functional or non-functional requirements, including safety, security or privacy. In this paper, we propose an approach based on the use of ontologies to support the description of the content of security certificates for services. The work frames in the scope of the ASSERT4SOA project, which investigates the way to dynamically search for services satisfying certain security requirements. The ASSERT4SOA Ontology, the main result of this work, supports the interoperability and comparison of heterogeneous certificates and the run-time verification of the compliance of services with the security requirements asserted in their certificates.

Keywords

certification; formal verification; ontologies (artificial intelligence); open systems; security of data; service-oriented architecture; ASSERT4SOA ontology; ASSERT4SOA project; heterogeneous certificates interoperability; run-time verification; security certificates; security requirements; software systems; Certification; OWL; Ontologies; Security; Service oriented architecture; Unified modeling language; Vocabulary; Ontologies for security certification; Run-time verification; Semantic Security Certificates; Service Certification; Service Oriented Architecture (SOA); Service Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security (ARES), 2012 Seventh International Conference on

Conference_Location

Prague

Print_ISBN

978-1-4673-2244-7

Type

conf

DOI

10.1109/ARES.2012.49

Filename

6329227