مرکز منطقه ای اطلاع رساني علوم و فناوري - Methodology and Tools for End-to-End SOA Security Configurations

DocumentCode :

2295320

Title :

Methodology and Tools for End-to-End SOA Security Configurations

Author :

Satoh, Fumiko ; Nakamura, Yuichi ; Mukhi, Nirmal K. ; Tatsubori, Michiaki ; Ono, Kouichi

Author_Institution :

IBM Tokyo Res. Lab., Tokyo

fYear :

2008

fDate :

6-11 July 2008

Firstpage :

307

Lastpage :

314

Abstract :

The configuration of non-functional requirements, such as security, has become important for SOA applications, but the configuration process has not been discussed comprehensively. In current development processes, the security requirements are not considered in upstream phases and a developer at a downstream phase is responsible for writing the security configuration. However, configuring security requirements properly is quite difficult for developers because the SOA security is cross-domain and all required information is not available in the downstream phase. To resolve this problem, we clarify how to configure security in the SOA application development process, and define the developer´s roles in each phase. Additionally, supporting technologies to generate security configurations are proposed: Model-Driven Security and Pattern-based Policy Configuration. Our contribution is proposing a methodology for end-to-end security configuration for SOA applications and tools for generating detailed security configurations from the requirements specified in upstream phases model transformations, making it possible to configure security properly without increasing developers´ workloads.

Keywords :

configuration management; security of data; software architecture; SOA application development process; configuration process; current development processes; end-to-end SOA security configurations; model-driven security; nonfunctional requirements; pattern-based policy configuration; security requirements configuration; Assembly systems; Buildings; Computer applications; Concrete; Information security; Laboratories; Semiconductor optical amplifiers; Service oriented architecture; Sociotechnical systems; Writing;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Services - Part I, 2008. IEEE Congress on

Conference_Location :

Honolulu, HI

Print_ISBN :

978-0-7695-3286-8

Type :

conf

DOI :

10.1109/SERVICES-1.2008.82

Filename :

4578341

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2295320