Towards Security Awareness in Designing Service-oriented Architectures

Pascal Bou Nassar; Youakim Badr; Frédérique Biennier; Kablan Barbar

doi:10.5220/0004454103470355

Towards Security Awareness in Designing Service-oriented Architectures

Pascal Bou Nassar, Youakim Badr, Frédérique Biennier, Kablan Barbar

2013

Abstract

Many information security approaches deal with service-oriented architectures by focusing on security policies, requirements and technical implementation during service design, specification and implementation phases. Nevertheless, service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which particularly require an end-to-end security at each phase of the service’s lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we develop a model highlighting the dependency between elements at business, service and infrastructure levels, defining the design context. In addition, we develop a holistic approach to define a security conceptual model, including services, security risks and security policies and guides all phases in a typical design method for service-oriented architectures.

Download

Paper Citation

in Harvard Style

Bou Nassar P., Badr Y., Biennier F. and Barbar K. (2013). Towards Security Awareness in Designing Service-oriented Architectures . In Proceedings of the 15th International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-989-8565-61-7, pages 347-355. DOI: 10.5220/0004454103470355

in Bibtex Style

@conference{iceis13,
author={Pascal Bou Nassar and Youakim Badr and Frédérique Biennier and Kablan Barbar},
title={Towards Security Awareness in Designing Service-oriented Architectures},
booktitle={Proceedings of the 15th International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2013},
pages={347-355},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004454103470355},
isbn={978-989-8565-61-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 15th International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - Towards Security Awareness in Designing Service-oriented Architectures
SN - 978-989-8565-61-7
AU - Bou Nassar P.
AU - Badr Y.
AU - Biennier F.
AU - Barbar K.
PY - 2013
SP - 347
EP - 355
DO - 10.5220/0004454103470355