Managing end-to-end security risks with fuzzy logic in service-oriented architectures

Youakim Badr, Soumya Banerjee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.

Original languageEnglish (US)
Title of host publicationProceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013
Pages111-117
Number of pages7
DOIs
StatePublished - Nov 26 2013
Event2013 IEEE 9th World Congress on Services, SERVICES 2013 - Santa Clara, CA, United States
Duration: Jun 27 2013Jul 2 2013

Publication series

NameProceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013

Other

Other2013 IEEE 9th World Congress on Services, SERVICES 2013
CountryUnited States
CitySanta Clara, CA
Period6/27/137/2/13

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Cite this

Badr, Y., & Banerjee, S. (2013). Managing end-to-end security risks with fuzzy logic in service-oriented architectures. In Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013 (pp. 111-117). [6655683] (Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013). https://doi.org/10.1109/SERVICES.2013.28