Title :
Detecting Vulnerabilities in Service Oriented Architectures
Author :
Antunes, Nuno ; Vieira, Marco
Author_Institution :
Dept. of Inf. Eng., Univ. of Coimbra, Coimbra, Portugal
Abstract :
The adoption of Service Oriented Architectures (SOAs) in a wide range of organizations, including business-critical systems, opens the door to new security challenges. Although the services used should be secure and reliable, they are often deployed with security bugs that can be maliciously exploited. The problem is that developers are frequently not specialized on security and the common time-to-market constraints limits an in depth test for vulnerabilities. Additionally, research and practice shows that the effectiveness of existing vulnerability detection tools is very poor. The goal of this work is to advance the state-of-the-art by investigating new techniques and tools to effectively detect vulnerabilities in SOAs in an automated manner. Instrumental in this work is to propose a benchmarking approach that allows assessing and comparing vulnerability detection tools, thus helping guiding tools development and improvement, and allowing users to select the most effective ones according to specific needs.
Keywords :
security of data; service-oriented architecture; SOA; benchmarking approach; business-critical systems; common time-to-market constraints limits; guiding tools development; security bugs; service oriented architectures; vulnerability detection tools; Benchmark testing; Monitoring; Runtime; Security; Service oriented architecture; SOA; benchmarking; security; vulnerabilities; vulnerability detection; web services;
Conference_Titel :
Software Reliability Engineering Workshops (ISSREW), 2012 IEEE 23rd International Symposium on
Conference_Location :
Dallas, TX
Print_ISBN :
978-1-4673-5048-8
DOI :
10.1109/ISSREW.2012.33