Using JASON to secure SOA

Authors:
Łukasz Chmielewski;Richard Brinkman;Jaap-Henk Hoepman;Bert Bos
Affiliations:
Radboud University Nijmegen, the Netherlands;Radboud University Nijmegen, the Netherlands;Radboud University Nijmegen, the Netherlands and TNO ICT, the Netherlands;Chess IT, the Netherlands
Venue:
Proceedings of the 2008 workshop on Middleware security
Year:
2008

Citing 9
Cited 1

Globe: A Wide-Area Distributed System

IEEE Concurrency
Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
A Security Architecture for Object-Based Distributed Systems

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption

Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
Service-Oriented Architecture: Concepts, Technology, and Design

Service-Oriented Architecture: Concepts, Technology, and Design
Enterprise SOA: Service-Oriented Architecture Best Practices (The Coad Series)

Enterprise SOA: Service-Oriented Architecture Best Practices (The Coad Series)
Distributed Policy Specification and Enforcement in Service-Oriented Business Systems

ICEBE '05 Proceedings of the IEEE International Conference on e-Business Engineering
Secure method invocation in Jason

CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5

Automating information flow control in component-based distributed systems

Proceedings of the 14th international ACM Sigsoft symposium on Component based software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays business applications closely collaborate with other business applications by sharing one or more services. Unfortunately, opening your business application to the outside world also sacrifices security. There is quite a number of standards that aims at protecting these services. However, most of these standards require special knowledge about security and are cumbersome to use. Our JASON framework aims at simplifying the task of securing services. A programmer simply annotates his code with appropriate keywords and our tools will generate the security related code. The programmer can simply concentrate on the business application, while the JASON framework does the necessary cryptography.