A Survey of Patterns for Web Services Security and Reliability Standards

Fernández, Eduardo B.; Ajaj, Ola; Buckley, Ingrid A.; Delessy-Gassant, Nelly; Hashizume, Keiko; Larrondo-Petrie, María M.

doi:10.3390/fi4020430

Cited by 11 publications

(7 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Security web services standards describe how to secure communication between applications through integrity, confidentiality, authentication and authorization. There are several security standard specifications [79]…”

Section: Countermeasures For T05: Customer Data Manipulationmentioning

confidence: 99%

An analysis of security issues for cloud computing

Hashizume

Rosado

Fernández‐Medina

et al. 2013

J Internet Serv Appl

Self Cite

575

309

View full text Add to dashboard Cite

Cloud Computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. However, cloud Computing presents an added level of risk because essential services are often outsourced to a third party, which makes it harder to maintain data security and privacy, support data and service availability, and demonstrate compliance. Cloud Computing leverages many technologies (SOA, virtualization, Web 2.0); it also inherits their security issues, which we discuss here, identifying the main vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate vulnerabilities and threats with possible solutions.

show abstract

Section: Countermeasures For T05: Customer Data Manipulationmentioning

confidence: 99%

An analysis of security issues for cloud computing

Hashizume

Rosado

Fernández‐Medina

et al. 2013

J Internet Serv Appl

Self Cite

575

309

View full text Add to dashboard Cite

show abstract

“…Moreover, since web services are commonly used in clouds, we can apply security web services standards to secure cloud environments by using concrete versions of the patterns used in Table 2. We have developed some patterns for security web services standards such as WSSecurity, XML Encryption, and XML Signature, most of which are surveyed in [74,75] and described in [13].…”

Section: Cloud Defensesmentioning

confidence: 99%

Building a security reference architecture for cloud systems

2015

Self Cite

View full text Add to dashboard Cite

Reference architectures (RAs) are useful tools to understand and build complex systems, and many cloud providers and software product vendors have developed versions of them. RAs describe at an abstract level (no implementation details) the main features of their cloud systems. Security is a fundamental concern in clouds and several cloud vendors provide security reference architectures (SRAs) to describe the security features of their services. A SRA is an abstract architecture describing a conceptual model of security for a cloud system and provides a way to specify security requirements for a wide range of concrete architectures. We propose here a method to build a SRA for clouds defined using UML models and patterns, which goes beyond existing models in providing a global view and a more precise description. We present a metamodel as well as security and misuse patterns for this purpose. We validate our approach by showing that it can describe more precisely existing models and that it has a variety of uses. We describe in detail one of these uses, a way of evaluating the security level of a SRA.

show abstract

“…In relation to the security aspect of this work, each business has its own security infrastructure and mechanism, and web services have specialised security requirements. As shown by Fernandez et al (2012), the numerous standards that define ways to apply security in web services are rather complex and sometimes overlap, which makes them hard to use and may produce inconsistencies. The web services security specifications are standardised by OASIS.…”

Section: Security Aspect Of the Systemmentioning

confidence: 99%

A loan management system as web services: a case study on a microfinance institution

Dagba

Lohounmè

Nambila

et al. 2014

IJIIDS

View full text Add to dashboard Cite

Despite the determination of small microfinance institutions to expand into rural areas, they are limited by geographical isolation and high transaction costs. To set those institutions and their customers free from geographical constraints, we suggest isolated populations access some features of the enterprise application via Smartphone. This solution is based on a service-oriented architecture in which the main features are developed as web services. The invocation of the methods is performed from a Smartphone or a personal computer (PC), while the execution will be done on a server that returns an understandable result through web service description language (WSDL) generated by web services, where the transport is provided by simple object access protocol (SOAP).

show abstract

A Survey of Patterns for Web Services Security and Reliability Standards

Cited by 11 publications

References 22 publications

An analysis of security issues for cloud computing

An analysis of security issues for cloud computing

Building a security reference architecture for cloud systems

A loan management system as web services: a case study on a microfinance institution

Contact Info

Product

Resources

About