• DocumentCode
    2295320
  • Title

    Methodology and Tools for End-to-End SOA Security Configurations

  • Author

    Satoh, Fumiko ; Nakamura, Yuichi ; Mukhi, Nirmal K. ; Tatsubori, Michiaki ; Ono, Kouichi

  • Author_Institution
    IBM Tokyo Res. Lab., Tokyo
  • fYear
    2008
  • fDate
    6-11 July 2008
  • Firstpage
    307
  • Lastpage
    314
  • Abstract
    The configuration of non-functional requirements, such as security, has become important for SOA applications, but the configuration process has not been discussed comprehensively. In current development processes, the security requirements are not considered in upstream phases and a developer at a downstream phase is responsible for writing the security configuration. However, configuring security requirements properly is quite difficult for developers because the SOA security is cross-domain and all required information is not available in the downstream phase. To resolve this problem, we clarify how to configure security in the SOA application development process, and define the developer´s roles in each phase. Additionally, supporting technologies to generate security configurations are proposed: Model-Driven Security and Pattern-based Policy Configuration. Our contribution is proposing a methodology for end-to-end security configuration for SOA applications and tools for generating detailed security configurations from the requirements specified in upstream phases model transformations, making it possible to configure security properly without increasing developers´ workloads.
  • Keywords
    configuration management; security of data; software architecture; SOA application development process; configuration process; current development processes; end-to-end SOA security configurations; model-driven security; nonfunctional requirements; pattern-based policy configuration; security requirements configuration; Assembly systems; Buildings; Computer applications; Concrete; Information security; Laboratories; Semiconductor optical amplifiers; Service oriented architecture; Sociotechnical systems; Writing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Services - Part I, 2008. IEEE Congress on
  • Conference_Location
    Honolulu, HI
  • Print_ISBN
    978-0-7695-3286-8
  • Type

    conf

  • DOI
    10.1109/SERVICES-1.2008.82
  • Filename
    4578341
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2295320