Formalization of SOA Design Patterns Using Model-Based Specification Technique

Dwivedi, Ashish Kumar; Rath, Santanu Kumar; Chakravarthy, Srinivasa L.

doi:10.1007/978-981-13-6459-4_11

Cited by 3 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Alzahrani [18] demonstrated the use of codecharts for formal specification and verification of security patterns in terms of generalisation and abstraction. Dwivedi and Rath [19,20] presented verification of five security patterns of web applications and one security pattern of Service-Oriented Architecture (SOA) using Alloy [21]. The security patterns verified by Dwivedi and Rath [19,20] are secure proxy, single-sign-on, check point, authenticator, and access policy.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

An Approach for Verification of Secure Access Control Using Security Pattern

Gupta

Singh

Mohapatra

2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

According to OWASP-2021, more than 3,00,000 web applications have been detected for unauthenticated and unauthorised access leading to a breach of security trust. Security patterns are commonly used in web applications to address the problem of broken access. Web developers are not experts in implementing security patterns. Therefore, it is necessary to verify that the security pattern has been applied, specifying the original intent of the security pattern. In this paper, an approach has been proposed that analyses the behavioural aspect of security patterns to verify that it meets the security requirement of the web application. The proposed approach extracts the class diagram’s structural properties, relations, associations, and security-related constraints and verifies it using the first-order predicate logic. Experiments have been conducted using class diagrams of security patterns to detect instances of broken access control early in the design phase. The proposed approach will help minimise the risk of unauthenticated and unauthorised access to a web application.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Dwivedi and Rath [19,20] presented verification of five security patterns of web applications and one security pattern of Service-Oriented Architecture (SOA) using Alloy [21]. The security patterns verified by Dwivedi and Rath [19,20] are secure proxy, single-sign-on, check point, authenticator, and access policy.…”

Section: Related Workmentioning

confidence: 99%