Title :
Avoiding common security flaws in composed service-oriented systems
Author :
Atighetchi, Michael ; Pal, Partha ; Loyall, Joseph ; Sinclair, Asher
Author_Institution :
Raytheon BBN Technol., Cambridge, MA, USA
Abstract :
Network-centric information systems are increasingly called upon to support complex tasks and missions that serve multiple communities of interest. As a result, existing capabilities are exposed as services in a service-oriented system, and newer capabilities are derived by discovering and composing available services. While service-orientation enables and facilitates such composition-based system construction, the evolving nature and variety of standards and the varying level of compliance of otherwise feature-rich vendor products has made achieving acceptable level of security and resilience in such systems a daunting and error-prone task. This paper presents a number of factors that contribute to the security of composed service-oriented systems, and outlines ways to avoid common pitfalls and mistakes that stem from these factors and weaken the resiliency and survivability of the composed system.
Keywords :
security of data; service-oriented architecture; composed service-oriented systems; composition-based system construction; network-centric information systems; security flaw avoidance; service composition; service discovery; Context; Couplings; Cryptography; Elasticity; IP networks; Monitoring; Information Assurance; Service Oriented Architecture; Survivability; Trustworthy system design;
Conference_Titel :
Dependable Systems and Networks Workshops (DSN-W), 2012 IEEE/IFIP 42nd International Conference on
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4673-2264-5
Electronic_ISBN :
978-1-4673-2265-2
DOI :
10.1109/DSNW.2012.6264679
