Web services and grid security vulnerabilities and threats analysis and model

Author

Demchenko, Yuri ; Gommans, Leon ; De Laat, Cees ; Oudenaarde, Bas

Author_Institution

Adv. Internet Res. Group, Amsterdam Univ., Netherlands

fYear

2005

fDate

13-14 Nov. 2005

Abstract

The paper provides an overview of available Web services security vulnerability models and proposes a classification of the potential grid and Web services attacks and vulnerabilities. This is further used to introduce a security model for interacting grid and Web services that illustrates how basic security services should interact to provide an attack-resilient multilayer protection in a typical service-oriented architecture. The analysis and the model can be used as a basis for developing countermeasures against known vulnerabilities and security services design recommendations. The paper refers to the ongoing work on middleware and operational security in the framework of the European grid infrastructure deployment project EGEE and related coordination groups.

Keywords

Internet; grid computing; middleware; security of data; EGEE; European grid infrastructure deployment project; Web service attacks; attack-resilient multilayer protection; grid security vulnerabilities; grid service attacks; middleware; operational security; security model; service-oriented architecture; threat analysis; Authentication; Authorization; Data security; Middleware; Nonhomogeneous media; Protection; Service oriented architecture; Software development management; Web and internet services; Web services;

fLanguage

English

Publisher

ieee

Conference_Titel

Grid Computing, 2005. The 6th IEEE/ACM International Workshop on

Print_ISBN

0-7803-9492-5

Type

conf

DOI

10.1109/GRID.2005.1542751

Filename

1542751