• DocumentCode
    2875464
  • Title

    Forming a Security Certification Enclave for Service-Oriented Architectures

  • Author

    Hepner, M. ; Gamble, Michael T. ; Gamble, R.

  • Author_Institution
    Dept. of Math. & Comput. Sci., Tulsa Univ., OK
  • fYear
    2006
  • fDate
    Sept. 2006
  • Firstpage
    148
  • Lastpage
    155
  • Abstract
    Security issues with Web services have slowed their adoption for deployment of critical services in the enterprise. Maintaining security in Web service architectures is especially difficult because of their open, standards based interfaces. Yet many organizations are moving to this technology and are faced with the challenge of certifying their environments as secure. Unique challenges exist with the combination of Web service authentication, network security vulnerabilities, incompatible security-mechanisms, open publication of interface definitions, and automated discovery of services. Certification processes mandate the need for a security certification boundary given identified vulnerabilities. In this paper, we review Web service security vulnerabilities and outline guidelines to form an enclave. The expressed guidelines are specific to certifying a service-oriented architecture implemented with Web services
  • Keywords
    Web services; certification; security of data; Web service security; security certification enclave; service-oriented architectures; Application software; Authentication; Business; Certification; Computer security; Guidelines; Information security; National security; Service oriented architecture; Web services;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Services Computing Workshops, 2006. SCW '06. IEEE
  • Conference_Location
    Chicago, IL
  • Print_ISBN
    0-7695-2681-0
  • Type

    conf

  • DOI
    10.1109/SCW.2006.15
  • Filename
    4027029
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2875464