A Method for Modeling and Analyzing the Security Attributes of Service-Oriented Software System
In Service Oriented Architecture (SOA), software is implemented through a series of services and the business processes composed of services which introduce potential security problems. These security problems appeared in SOA software applications usually lead information systems and their business processes to risks. Similar to traditional quality of service (QoS) attributes such as reliability and robustness, security is one of the most important attributes of software system. In this paper, the method for modeling and analyzing the security attributes of SOA software system is investigated. Firstly, the service oriented computing model for security analysis is constructed, which characterizes service computing paradigm and related security attributes, and can be used for establishing service oriented software security metric system. Secondly, the service attack path is analyzed based upon the service oriented computing model. Finally, the effectiveness of the model and the analysis method is validated through case studies.
service oriented architecture software security security model security analysis
Liu Li Wang Chunlei Ming Liang
Science and Technology on Information System Security Laboratory Beijing, China Department of Computer Science and Technology Tsinghua University Beijing, China
国际会议
哈尔滨
英文
625-629
2011-12-24(万方平台首次上网日期,不代表论文的发表时间)