Evolving security requirements in multi-layered service-oriented-architectures
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
A test-based security certification scheme for web services
ACM Transactions on the Web (TWEB)
Estimating risk levels for vulnerability categories using CVSS
International Journal of Internet Technology and Secured Transactions
A model for quantitative security measurement and prioritisation of vulnerability mitigation
International Journal of Security and Networks
Evaluation of severity index of vulnerability categories
International Journal of Information and Computer Security
| Hi-index | 0.01 |
Vulnerabilities in operating systems and web applications have been and are being put into various classifications, leading to a better understanding of their causes and effects, and to improved vulnerability management tool support. In a service-oriented architecture (SOA), additional vulnerabilities exist in the implementations of new standards such as BPEL and SOAP. Attackers can exploit these vulnerabilities to interfere with the business processes, which are executed as orchestration of services. We describe our approach and ongoing work of creating a SOA vulnerability classification.