Title :
A Framework for Multi-Platform SOA Security Analyses
Author :
Weber, Sam ; Austel, Paula ; McIntosh, Michael
Author_Institution :
IBM, Yorktown Heights
Abstract :
The myriad of SOA platforms and the complexity of the Web services standards has meant that it is difficult for users to ensure that their deployments are appropriately secure. Despite the compilation of various SOA security "best practices\´\´\´, detecting violations of such practices has proven difficult. To address this need, we developed a tool that can analyze the deployment configurations of multiple SOA platforms and report potential SOA best practice violations. In this paper, we compare, contrast and categorize SOA platforms, and describe the analysis challenges posed by each category. We describe our framework architecture for our multi-platform analyses, and further describe our prototype implementation of this architecture.
Keywords :
Web services; configuration management; security of data; software architecture; software metrics; Web services standard complexity; deployment configuration analysis; multiplatform analyses; security analyses; service-oriented archicture; violation detection; Application software; Best practices; Computer architecture; Hardware; Security; Semiconductor optical amplifiers; Service oriented architecture; Software prototyping; USA Councils; Web services;
Conference_Titel :
Web Services, 2007. ICWS 2007. IEEE International Conference on
Conference_Location :
Salt Lake City, UT
Print_ISBN :
0-7695-2924-0
DOI :
10.1109/ICWS.2007.4
