Title :
Analysis and Evaluation of Two Security Services in SOA
Author :
Asgarnezhad, Marzieh ; Nasiri, Ramin ; Sahebhonar, Saeedreza
Author_Institution :
Islamic Azad Univ., Kashan, Iran
Abstract :
Secure access to information for any business is a fundamental need. In the service-oriented environment due to loose coupling of services and applications, and their functions across enterprise boundaries, provisioning security becomes more critical. Therefore required authorization by an authenticated identity and applying confidentiality techniques which ordinarily are gained via encryption, are essential for structured implementations according to service-oriented architecture principles. This paper tends to analyse and evaluate two security services, authorization and confidentiality for service-oriented architecture. Based on the scenarios it introduces service-oriented architecture Security Reference Model and analyses how to apply the authorization and confidentiality services. The paper describes use of a set of reusable business assets in form of three service-oriented architecture foundation scenarios.
Keywords :
information systems; security of data; software architecture; SOA; secure information access; security reference model; security services; Assembly; Authorization; Identity-based encryption; Information analysis; Information security; Information systems; Logic; Service oriented architecture; Web and internet services; Web services; authorization; confidentiality; security; service-oriented architecture;
Conference_Titel :
Internet and Web Applications and Services (ICIW), 2010 Fifth International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4244-6728-0
DOI :
10.1109/ICIW.2010.92
