Security-Oriented Service Composition and Evolution
APSEC '06 Proceedings of the XIII Asia Pacific Software Engineering Conference
SOA-Aware Authorization Control
ICSEA '06 Proceedings of the International Conference on Software Engineering Advances
A Pattern-Driven Security Process for SOA Applications
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Understanding soa security design and implementation
Understanding soa security design and implementation
A Generic Metamodel For Security Policies Mutation
ICSTW '08 Proceedings of the 2008 IEEE International Conference on Software Testing Verification and Validation Workshop
Modeling security for service oriented applications
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
| Hi-index | 0.00 |
The software architecture requires interoperable security mechanisms. This article focuses on applying security requirements to service-oriented solution design. SOA security is very much concerned with what the system is supposed to do and what can go wrong. This article presents the service-oriented approach -- security services that can be developed and tested and applied against many types of applications or scenarios. The proposed concept has the contribution to allow for SSAS (Software Security as a Service) providers to provide access to software services without requiring the customer to host this service within their local environment. In this model, the access control decision and (ideally) enforcement functionality is not embedded within an application. The split of enforcement and decision point has its advantages.