An Introduction to the Web Services Policy Language (WSPL)
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Security Conscious Web Service Composition
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Specifying Security Goals of Component Based Systems: An End-User Perspective
ICCBSS '08 Proceedings of the Seventh International Conference on Composition-Based Software Systems (ICCBSS 2008)
Ontology-Based Security Policies for Supporting the Management of Web Service Business Processes
ICSC '08 Proceedings of the 2008 IEEE International Conference on Semantic Computing
Security Conscious Web Service Composition with Semantic Web Support
ICDEW '07 Proceedings of the 2007 IEEE 23rd International Conference on Data Engineering Workshop
Quality of Security Service for Web Services within SOA
SERVICES '09 Proceedings of the 2009 Congress on Services - I
Hi-index | 0.00 |
This paper focuses on the service composition based on security properties of services from an end user perspective. End users are usually not expert in computer security, but expert users of computer software. They typically either own or work for small and medium enterprises (SMEs). The proposed framework attempts to demonstrate that end users of small enterprises can compose a service based application based on the security profiles of software services. The paper argues that the security concerns of various stakeholders of services should be specified differently. The paper envisions a framework with which end users could select services consistent with their preferred security features suitable for their businesses. With the same token, consumers of such applications can easily understand the security profile of services in order to make a B2B transaction. This will provide end users more power to force the service developer to offer better security-aware services. The main contribution of this paper is a framework on which further work could be initiated.