Trading off security in a service oriented architecture

Authors:
G. Swart;Benjamin Aziz;Simon N. Foley;John Herbert
Affiliations:
IBM Almaden Research Center, San Jose, CA;Department of Computing, Imperial College, London, UK;Department of Computer Science, University College Cork, Cork, Ireland;Department of Computer Science, University College Cork, Cork, Ireland
Venue:
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Year:
2005

Citing 7
Cited 1

Minerva: An automated resource provisioning tool for large-scale storage systems

ACM Transactions on Computer Systems (TOCS)
Appia: Automatic Storage Area Network Fabric Design

FAST '02 Proceedings of the Conference on File and Storage Technologies
Hippodrome: Running Circles Around Storage Administration

FAST '02 Proceedings of the Conference on File and Storage Technologies
Gprof: A call graph execution profiler

SIGPLAN '82 Proceedings of the 1982 SIGPLAN symposium on Compiler construction
An approach for quality of service adaptation in service-oriented Grids: Research Articles

Concurrency and Computation: Practice & Experience - Middleware for Grid Computing
Architecturing and configuring distributed application with Olan

Middleware '98 Proceedings of the IFIP International Conference on Distributed Systems Platforms and Open Distributed Processing
An overview of quality of service routing for next-generation high-speed networks: problems and solutions

IEEE Network: The Magazine of Global Internetworking

Principles of secure network configuration: towards a formal basis for self-configuration

IPOM'06 Proceedings of the 6th IEEE international conference on IP Operations and Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Service oriented architectures provide a simple yet flexible model of a computing system as a graph of services making requests and providing results to each other. In this paper we define a formal model of a service oriented architecture and using it, we define metrics for performance, for availability, and for various security properties. These metrics serve as the basis for expressing the business requirements. To make trade-offs possible we also define a set of cost metrics, denominated in a uniform currency, to measure the cost of not meeting a requirement. The model, the property metrics, and the cost metrics are then used to generate a Constraint Satisfaction Problem where the objective function is set to minimize the aggregate system cost. We have written these constraints and defined realistic requirements in OPL and we have used them to generate system configurations that minimize the overall cost by optimally trading off the business requirements.