Service Levels, Security, and Trust

Marienfeld, Florian; Höfig, Edzard; Bezzi, Michele; Flügge, Matthias; Pattberg, Jonas; Serme, Gabriel; Brucker, Achim D.; Robinson, Philip; Dawson, Stephen; Theilmann, Wolfgang

doi:10.1007/978-1-4614-1864-1_12

Cited by 2 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Subsequent standards have been proposed to augment the basic description of WSDL, to add semantic, behavioural, and to a limited extent, authentication, and security data . Other such property‐based extensions, including Unified Services Description Language, consist of standards that target trust and security, to bridge the previously identified vendor divide.…”

Section: Background: Soa and Bpmnmentioning

confidence: 99%

“…Using ConSpec for our work is motivated by 3 reasons: (1) ConSpec was designed for specifying security properties; (2) it also supports the monitoring of security properties at runtime (eg, see Asim et al); and (3) by using a language that is independent from the underlying service technologies, we can support different service technologies (eg, RESTful services, WSDL‐compliant services) at the same time. Our work can easily be adapted to other service specification languages that support security properties such as Unified Services Description Language, PROTUNE, or combinations of XACML and WSDL…”

Section: Modelling Secure Servicesmentioning

confidence: 99%

See 1 more Smart Citation

Modelling, validating, and ranking of secure service compositions

et al. 2017

Self Cite

View full text Add to dashboard Cite

Summary In the world of large‐scale applications, software as a service (SaaS) in general and use of microservices, in particular, is bringing service‐oriented architectures to a new level: Systems in general and systems that interact with human users (eg, sociotechnical systems) in particular are built by composing microservices that are developed independently and operated by different parties. At the same time, SaaS applications are used more and more widely by enterprises as well as public services for providing critical services, including those processing security or privacy of relevant data. Therefore, providing secure and reliable service compositions is increasingly needed to ensure the success of SaaS solutions. Building such service compositions securely is still an unsolved problem. In this paper, we present a framework for modelling, validating, and ranking secure service compositions that integrate both automated services as well as services that interact with humans. As a unique feature, our approach for ranking services integrates validated properties (eg, based on the result of formally analysing the source code of a service implementation) as well as contractual properties that are part of the service level agreement and, thus, not necessarily ensured on a technical level.

show abstract

Section: Background: Soa and Bpmnmentioning

confidence: 99%

Section: Modelling Secure Servicesmentioning

confidence: 99%

Modelling, validating, and ranking of secure service compositions

et al. 2017

Self Cite

View full text Add to dashboard Cite

show abstract

“…For example, Unified Services Description Language (USDL) [17] consists of standards that target trust and security, to bridge the previously-identified vendor divide. However, none of them tackles the security issue of SOA in the first place.…”

Section: A Service-oriented Architecture and Its Securitymentioning

confidence: 99%

A Framework for Secure Service Composition

Brucker¹,

Malmignati

Merabti

et al. 2013

2013 International Conference on Social Computing

Self Cite

View full text Add to dashboard Cite

Abstract-Modern applications are inherently heterogeneous: they are built by composing loosely coupled services that are, usually, offered and operated by different service providers. While this approach increases the flexibility of the composed applications, it makes the implementation of security and trustworthiness requirements difficult. As the number of security requirements is increasing dramatically, there is a need for new approaches that integrate security requirements right from the beginning while composing service-based applications.In this paper, we present a framework for secure service composition using a model-based approach for specifying, building, and executing composed services. As a unique feature, this framework integrates security requirements as a first class citizen and, thus, avoids the "security as an afterthought" paradigm.

show abstract

Service Levels, Security, and Trust

Cited by 2 publications

References 9 publications

Modelling, validating, and ranking of secure service compositions

Modelling, validating, and ranking of secure service compositions

A Framework for Secure Service Composition

Contact Info

Product

Resources

About