Applying an open application security process to a clinical information system: a case study
Proceedings of the 2008 C3S2E conference
Web Services-Based Security Requirement Elicitation
IEICE - Transactions on Information and Systems
The practical application of a process for eliciting and designing security in web service systems
Information and Software Technology
Systematic design of secure Mobile Grid systems
Journal of Network and Computer Applications
Hi-index | 0.00 |
In the last few years, the field of Web Services (WS) security has evolved rapidly producing an impressive number of WS-based security standards. This fact has caused that organizations are still reticent about adopting technologies based on this paradigm due to the learning curve necessary to integrate security into their practical deployments. In this paper, we present PWSSec (Process for Web Services Security) as a process that enables the integration of a set of specific stages into the traditional phases of WS-based systems development providing them with security. PWSSec is composed of three stages, WSSecReq (Web Services Security Requirements), WSSecArch (Web Services Security Architecture) and WSSecTech (Web Services Security Technologies) that allow the specification of WS-specific security requirements, the definition of the WS-based security architecture and the identification of the security standards that the security architecture must deploy, respectively.