A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
The Rational Unified Process: An Introduction, Second Edition
The Rational Unified Process: An Introduction, Second Edition
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Best-Practice Patterns and Tool Support for Configuring Secure Web Services Messaging
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Authorization Service for Web Services and its Implementation
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Risk Analysis in Software Design
IEEE Security and Privacy
A Role based Access Control for Web Services
SCC '04 Proceedings of the 2004 IEEE International Conference on Services Computing
Misuse Cases: Use Cases with Hostile Intent
IEEE Software
Web Services-Based Security Requirement Elicitation
IEICE - Transactions on Information and Systems
The practical application of a process for eliciting and designing security in web service systems
Information and Software Technology
Utilizing the interactive techniques to achieve automated service composition for Web Services
Journal of High Speed Networks
| Hi-index | 0.00 |
Web Services (WS hereafter) Security is a crucial aspect for technologies based on this paradigm to be completely adopted by the industry. As a consequence, a lot of initiativesof initiatives have arisen during the last years setting as their main purpose the standardization of the security factors related to this paradigm. In fact, over the past years, the most important consortiums ofof Internet Internet, like IETF, W3C or OASIS, are producing a huge number of WS-based security standards. Despite of this growing, there's not exist yet a process that guides developers in the critical task of integrating security within all the stages of the development's life cycle of WS-based software. Such a process should facilitate developers in the activities of web service-specific security requirents specification, web services-based security architecture design and web services security standards selection, integration and deployment. In this article we briefly present the PWSSec (Process for Web Services Security) process that is composed of three stages, WSSecReq (Web Services Security Requirents), WSSecArch (Web Services Security Architecture) and WSSecTech (Web Services Security Technologies) that accomplishes the mentioned activities, respectively. In this article wWe also provide an thorough explanation of the WSSecArch (Web Services Security Stage) stage intended to design the web services-based security architecture. In addition, a real case study where this stage in being applied is also included.