EST

Call for paper
April Edition 2017

International Journal of Applied Information Systems solicits high quality original research papers for the
March 15, 2017
April 2017 Edition of the journal.
The last date of research paper submission is
March 15, 2017
SUBMIT YOUR PAPER

Number 2

Building Trust for Web Services Security Patterns

journal image
  • International Journal of Applied Information Systems
  • Foundation of Computer Science (FCS), NY, USA
  • Volume 3 - Number 2
  • Year of Publication: 2012
  • Authors: V. Prasath
  • http:/ijais12-450454
 Download
1105

Export

  • V. Prasath 2012. Building Trust for Web Services Security Patterns. International Journal of Applied Information Systems. 3, 2 (July 2012), 14-20. DOI=http://dx.doi.org/10.5120/ijais450454 
  • @article{10.5120/ijais2017451568,
author = {V. Prasath},
title = {Building Trust for Web Services Security Patterns},
journal = {International Journal of Applied Information Systems},
issue_date = {July 2012},
volume = {3},
number = {},
month = {July},
year = {2012},
issn = {},
pages = {14-20},
numpages = {},
url = {/archives/volume3/number2/203-0454},
doi = { http:/ijais12-450454},
publisher = { xA9 2010 by IJAIS Journal},
address = {}
}

  • %1 450454
%A V.  Prasath
%T Building Trust for Web Services Security Patterns
%J International Journal of Applied Information Systems
%@ 
%V 3
%N 
%P 14-20
%D 2012
%I  xA9 2010 by IJAIS Journal

Abstract

Security is a very important aspect for web service technology. Many people find the idea of creating security metrics to be a daunting task. Secure web service discovery aims at finding the best component services that satisfy the end-to-end security requirements between service consumer and service provider. The term "metrics or criteria" refers to specific objectives that have defined security measurement. It helps to select the most suitable security configuration according to a consumer business process and different levels of trust. In this paper, we presents a new pattern methodology for web service to address the security issues and propose a scalable security computation based on a heuristic approach which decomposes the complex problem into smaller sub problems that can be solved more efficient than the original problem. We define quality of service (QoS) in security as a set of security requirements a service provider guarantees. We identified several security parameters classified under different criteria to evaluate web services vulnerabilities. Metrics evaluation can be done through heuristic approach where in the security parameters are assigned prioritized weights which meliorates rank of web services.

References

  1. H. F. Tipton and M. Krause, Information Security Management Handbook, CRC Press, 2004.
  2. J. Mirkovic,D-WARD: Source-End Defense Against Distributed Denial-of-service Attacks, Ph. D. Thesis, University of California, LosAngeles, 2003. Handbook, CRC Press, 2004.
  3. Al-Masri, E. ; Mahmoud, Q. H. ; Towards Quality-Driven web service Discovery, P u b l i s h e d by the IEEE Computer Society, IT Pro May/ June 2008.
  4. Spyrost. halkidis, Alexander chatzigeorgiou, George stephanides, "A Practical Evaluation of Security Patterns", Math. Subjects Classification 2000: 94A60, 14G50, 68Q99.
  5. DuanYouxiang1 and Gao Yang. "Evaluating Vulnerabilities Quantitatively Based On the Rank of Web Services Confidentiality", Journal of Next Generation Information Technology, volume 2, Number 1, February, 2011.
  6. Colin Wong and Daniel Grzelak, "A Web Services Security Testing Framework", SIFT SPECIAL PUBLICATION, Information security services, Version 1. 00.
  7. Marco Vieira,Nuno Antunes, and Henrique Madeira "Using Web Security Scanners to Detect Vulnerabilities in Web Services". IEEE/IFIP Intl Conf. on Dependable Systems and Networks, DSN 2009,Lisbon, Portugal, June 2009.
  8. Acunetix Web Vulnerability Scanner, 2008, http://www. acunetix. com/vulnerability-scanner/
  9. John Steven and Gunnar Peterson,"A Metrics Framework to Drive Application Security Improvement", IEEE Security & Privacy, vol. 1, no. 4, 2003, pp. 88–91. H. F. Tipton and M. Krause, Information Security Management Handbook, CRC Press, 2004.
  10. JeffreyR. Williams and George F. Jelen, "A Practical Approach to Measuring Assurance",Document Number ATR 97043, Arca Systems, Inc. , 23 April 1998.
  11. Vu, L. , Hauswirth, M. , and Aberer, K. (2005). "QoS based service selection and ranking with trust and reputation management". In Proc. of the Intl. conf. on Cooperative Information Systems (CoopIS), Agia apa, Cyprus.
  12. Artsiom and Yautsiukhin, "Quality of Protection Determination for Web Services". http://bis. kie. ae. poznan. pl/10th_bis/wsiqs1. pdf
  13. Bachar Alrouh and Gheorghita Ghinea, "A Performance Evaluation of Security Mechanisms for Web services", 2009 Fifth International Conference on Information Assurance and Security.
  14. Alain Geroges Vouffo Feudjio,"Availability Testing for Web Services", ISSN 0085-7130 © Telenor ASA 2009.
  15. D. J. Mandell and S. A. McIlraith. A Bottom-Up Approach to Automating Web Service Discovery, Customization, and Semantic Translation. In the Proceedings of the Twelfth International World Wide Web Conference Workshop on E-Services and the Semantic Web (ESSW'03), Budapest, Hungary, 2003.

Keywords

Security Patterns, Secure Service Discovery, Trust, Security, Ranking

Index Terms

Computer Science
Information Sciences