Extending a Secure System Development Methodology to SOA

Authors:
Eduardo B. Fernandez;Preethi Cholmondeley;Olaf Zimmermann
Affiliations:
Florida Atlantic University, USA;Florida Atlantic University, USA;IBM Zurich Research Lab, Switzerland
Venue:
DEXA '07 Proceedings of the 18th International Conference on Database and Expert Systems Applications
Year:
2007

Citing 0
Cited 1

The practical application of a process for eliciting and designing security in web service systems

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology.