Towards security awareness in designing service-oriented architectures

Pascal Bou Nassar, Youakim Badr, Frédérique Biennier, Kablan Barbar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Many information security approaches deal with service-oriented architectures by focusing on security policies, requirements and technical implementation during service design, specification and implementation phases. Nevertheless, service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which particularly require an end-to-end security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we develop a model highlighting the dependency between elements at business, service and infrastructure levels, defining the design context. In addition, we develop a holistic approach to define a security conceptual model, including services, security risks and security policies and guides all phases in a typical design method for service-oriented architectures.

Original languageEnglish (US)
Title of host publicationICEIS 2013 - Proceedings of the 15th International Conference on Enterprise Information Systems
Pages347-355
Number of pages9
StatePublished - Nov 21 2013
Event15th International Conference on Enterprise Information Systems, ICEIS 2013 - Angers, France
Duration: Jul 4 2013Jul 7 2013

Publication series

NameICEIS 2013 - Proceedings of the 15th International Conference on Enterprise Information Systems
Volume3

Other

Other15th International Conference on Enterprise Information Systems, ICEIS 2013
CountryFrance
CityAngers
Period7/4/137/7/13

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Information Systems and Management

Fingerprint Dive into the research topics of 'Towards security awareness in designing service-oriented architectures'. Together they form a unique fingerprint.

  • Cite this

    Nassar, P. B., Badr, Y., Biennier, F., & Barbar, K. (2013). Towards security awareness in designing service-oriented architectures. In ICEIS 2013 - Proceedings of the 15th International Conference on Enterprise Information Systems (pp. 347-355). (ICEIS 2013 - Proceedings of the 15th International Conference on Enterprise Information Systems; Vol. 3).