Smart security assessment of composed web services

Cybernetics and Systems

Volumn 41, Issue 1, 2010, Pages 46-61

  Kołaczek, Grzegorz ^a   Juszczyszyn, Krzysztof ^a  

^a WROCLAW UNIVERSITY OF TECHNOLOGY   (Poland)

Author keywords

Multi agent systems; Security; Web services

Indexed keywords

ASSESMENT; EVALUATION CRITERIA; FUNCTIONAL LAYER; LAYERED SECURITY; MULTI-AGENT APPROACH; PRECISE DEFINITION; SECURITY ASSESSMENT; SECURITY EVALUATION; SECURITY LEVEL; SUBJECTIVE LOGIC;

INFORMATION SERVICES; KNOWLEDGE BASED SYSTEMS; NETWORK SECURITY; SERVICE ORIENTED ARCHITECTURE (SOA); WEB SERVICES;

MULTI AGENT SYSTEMS;

EID: 77649319139     PISSN: 01969722     EISSN: 10876553     Source Type: Journal    
DOI: 10.1080/01969720903408797     Document Type: Conference Paper

References (27)

1. Anderson, S., Grau, A., and Hughes, C. 2005. Specification and satisfaction of SLAs in service oriented architectures. In 5th Annual DIRC Research Conference 141-150.
2. Ardagna, D. and Pernici, B. 2005. Global and local QoS constraints guarantee in web service selection. In IEEE International Conference onWeb Services (ICWS '05) 805-806. (Pubitemid 44460285)
3. Blanco, E., Vidal, Y., and Graterol, J. 2008. Techniques to produce optimal web service compositions. IEEE Congress on Services 553-558.
4. Cardoso, J.,Miller, J., Sheth, A., and Arnold, J. 2002.Modeling quality-of-service for workflows andWeb service processes. LSDIS Lab,University ofGeorgia,Technical Report #02-002.
5. Computer Emergency Response Team (CERT). 2009. Retrieved March 20, 2009 from: http://www.cert.org.
6. Charif, Y. and Sabouret, N. 2006. An overview of semantic web services composition approaches. Electronic Notes in Theoretical Computer Science 146: 33-41.
7. Department of Homeland Security (DHS). 2009. National Vulnerability Database of the National Cybersecurity Division. Retrieved March 20, 2009 from : http://nvd.nist.gov.
8. Epstein, J., Matsumoto, S., and McGraw, G. 2006. Software security and SOA. IEEE Security and Privacy 4(1): 80-83.
9. Fernandez, E. B. andDelessy,N. 2006. Using patterns to understand and compare web services security products and standards. AICT 157-168.
10. Frolund, S. and Koisten, J. 1998. QML: A language for quality of service specification. http://www.hpl.hp.com/techreports/98/HPL-98-10.html. Last accessed November 11, 2009.
11. Huang, A. F. M., Lan, C.-W., and Yang, S. J. H. 2009. An optimal QoS-based web service selection scheme. Information Sciences 179: 3309-3322.
12. Hughes, C. and Hillman, J. 2006. QoS Explorer: A tool for exploring QoS in composed services. In: ICWS '06, International Conference onWeb Services, 797-806.
13. Jaeger, M. C., Rojec-Goldmann, G., and Muhl, G. 2005. QoS aggregation in web service compositions. In IEEE International Conference on e-Technology, e-Commerce and e-Service 181-185.
14. Jøsang, A. 1998. A metric for trusted systems. In Proceedings of the 21st National Security Conference (NSA) 68-77.
15. Jøsang, A. 2001. A logic for uncertain probabilitie s. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9(3): 279-311.
16. Jøsang, A. 2003. Conditional inference in subjective logic. In Proceedings of the 6th International Conference on Information Fusion Cairns, 279-311.
17. Karakoc, E. and Senkul, P. 2009. Composing semanticWeb services under constraints. Expert Systems with Applications 36: 11021-11029.
18. Keller, A. and Ludwig, H. 2002. The WSLA framework: Specifying and monitoring service level agreements for web services. IBM Research Report May 2002.
19. Kolaczek, G. 2009. Opracowanie koncepcji specyfikacji metod i modeli szacowania poziomu bezpieczeñstwa systemów SOA i SOKU, WUT (in Polish).
20. Maamara, Z., Narendrab, Z., and Sattanathan, S. 2006. Towards an ontology-based approach for specifying and securing Web services. Information and Software Technology 48: 441-455.
21. Milanovic, N. and Malek, M. 2004. Current solutions for web service composition. IEEE Internet Computing 8(6): 51-59.
22. Nakamura, Y., Tatsubori, M., Imamura, T., and Ono, K. 2005. Model-driven security based on web services security architecture. IEEE Int. Conference on Services Computing 1: 7-15.
23. Rao, J. and Su, X. 2004. A survey of automated web service composition methods. In Semantic Web Services andWeb Process Composition, (SWSWPC) 2004. San Diego, CA, 43-54.
24. SysAdmin, Audit, Network, Security (SANS) Institute. 2006. RetrievedMarch 20, 2009 from http://www.sans.org.
25. Skalka, C. andWang, X. 2004. Trust by verify: Authorization for web services. Paper presented at the ACMWorkshop on SecureWeb Services, 47-55.
26. SOA Reference Model Technical Committee. 2006. A Reference Model for Service Oriented Architecture, OASIS.
27. Steel, C., Nagappan, R., and Lai, R. 2006. Core security patterns: Best practices and strategies for J2EE, web services, and identity management. Upper Saddle River, NJ: Pearson. WS-Security Policy 1.2 (OASIS), 2009.