Analysis and Evaluation of Two Security Services in SOA

Author

Asgarnezhad, Marzieh ; Nasiri, Ramin ; Sahebhonar, Saeedreza

Author_Institution

Islamic Azad Univ., Kashan, Iran

fYear

2010

fDate

9-15 May 2010

Firstpage

562

Lastpage

568

Abstract

Secure access to information for any business is a fundamental need. In the service-oriented environment due to loose coupling of services and applications, and their functions across enterprise boundaries, provisioning security becomes more critical. Therefore required authorization by an authenticated identity and applying confidentiality techniques which ordinarily are gained via encryption, are essential for structured implementations according to service-oriented architecture principles. This paper tends to analyse and evaluate two security services, authorization and confidentiality for service-oriented architecture. Based on the scenarios it introduces service-oriented architecture Security Reference Model and analyses how to apply the authorization and confidentiality services. The paper describes use of a set of reusable business assets in form of three service-oriented architecture foundation scenarios.

Keywords

information systems; security of data; software architecture; SOA; secure information access; security reference model; security services; Assembly; Authorization; Identity-based encryption; Information analysis; Information security; Information systems; Logic; Service oriented architecture; Web and internet services; Web services; authorization; confidentiality; security; service-oriented architecture;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet and Web Applications and Services (ICIW), 2010 Fifth International Conference on

Conference_Location

Barcelona

Print_ISBN

978-1-4244-6728-0

Type

conf

DOI

10.1109/ICIW.2010.92

Filename

5476481