Google scholar arxiv informatics ads IJAIS publications are indexed with Google Scholar, NASA ADS, Informatics et. al.

Call for Paper

-

July Edition 2021

International Journal of Applied Information Systems solicits high quality original research papers for the July 2021 Edition of the journal. The last date of research paper submission is June 15, 2021.

Building Trust for Web Services Security Patterns

V. Prasath Published in Security

International Journal of Applied Information Systems
Year of Publication 2012
© 2010 by IJAIS Journal
Authors V. Prasath
http:/ijais12-450454
Download full text
  1. V Prasath. Article: Building Trust for Web Services Security Patterns. International Journal of Applied Information Systems 3(2):14-20, July 2012. BibTeX

    @article{key:article,
    	author = "V. Prasath",
    	title = "Article: Building Trust for Web Services Security Patterns",
    	journal = "International Journal of Applied Information Systems",
    	year = 2012,
    	volume = 3,
    	number = 2,
    	pages = "14-20",
    	month = "July",
    	note = "Published by Foundation of Computer Science, New York, USA"
    }
    

Abstract

Security is a very important aspect for web service technology. Many people find the idea of creating security metrics to be a daunting task. Secure web service discovery aims at finding the best component services that satisfy the end-to-end security requirements between service consumer and service provider. The term "metrics or criteria" refers to specific objectives that have defined security measurement. It helps to select the most suitable security configuration according to a consumer business process and different levels of trust. In this paper, we presents a new pattern methodology for web service to address the security issues and propose a scalable security computation based on a heuristic approach which decomposes the complex problem into smaller sub problems that can be solved more efficient than the original problem. We define quality of service (QoS) in security as a set of security requirements a service provider guarantees. We identified several security parameters classified under different criteria to evaluate web services vulnerabilities. Metrics evaluation can be done through heuristic approach where in the security parameters are assigned prioritized weights which meliorates rank of web services.

Reference

  1. H. F. Tipton and M. Krause, Information Security Management Handbook, CRC Press, 2004.
  2. J. Mirkovic,D-WARD: Source-End Defense Against Distributed Denial-of-service Attacks, Ph. D. Thesis, University of California, LosAngeles, 2003. Handbook, CRC Press, 2004.
  3. Al-Masri, E. ; Mahmoud, Q. H. ; Towards Quality-Driven web service Discovery, P u b l i s h e d by the IEEE Computer Society, IT Pro May/ June 2008.
  4. Spyrost. halkidis, Alexander chatzigeorgiou, George stephanides, "A Practical Evaluation of Security Patterns", Math. Subjects Classification 2000: 94A60, 14G50, 68Q99.
  5. DuanYouxiang1 and Gao Yang. "Evaluating Vulnerabilities Quantitatively Based On the Rank of Web Services Confidentiality", Journal of Next Generation Information Technology, volume 2, Number 1, February, 2011.
  6. Colin Wong and Daniel Grzelak, "A Web Services Security Testing Framework", SIFT SPECIAL PUBLICATION, Information security services, Version 1. 00.
  7. Marco Vieira,Nuno Antunes, and Henrique Madeira "Using Web Security Scanners to Detect Vulnerabilities in Web Services". IEEE/IFIP Intl Conf. on Dependable Systems and Networks, DSN 2009,Lisbon, Portugal, June 2009.
  8. Acunetix Web Vulnerability Scanner, 2008, http://www. acunetix. com/vulnerability-scanner/
  9. John Steven and Gunnar Peterson,"A Metrics Framework to Drive Application Security Improvement", IEEE Security & Privacy, vol. 1, no. 4, 2003, pp. 88–91. H. F. Tipton and M. Krause, Information Security Management Handbook, CRC Press, 2004.
  10. JeffreyR. Williams and George F. Jelen, "A Practical Approach to Measuring Assurance",Document Number ATR 97043, Arca Systems, Inc. , 23 April 1998.
  11. Vu, L. , Hauswirth, M. , and Aberer, K. (2005). "QoS based service selection and ranking with trust and reputation management". In Proc. of the Intl. conf. on Cooperative Information Systems (CoopIS), Agia apa, Cyprus.
  12. Artsiom and Yautsiukhin, "Quality of Protection Determination for Web Services". http://bis. kie. ae. poznan. pl/10th_bis/wsiqs1. pdf
  13. Bachar Alrouh and Gheorghita Ghinea, "A Performance Evaluation of Security Mechanisms for Web services", 2009 Fifth International Conference on Information Assurance and Security.
  14. Alain Geroges Vouffo Feudjio,"Availability Testing for Web Services", ISSN 0085-7130 © Telenor ASA 2009.
  15. D. J. Mandell and S. A. McIlraith. A Bottom-Up Approach to Automating Web Service Discovery, Customization, and Semantic Translation. In the Proceedings of the Twelfth International World Wide Web Conference Workshop on E-Services and the Semantic Web (ESSW'03), Budapest, Hungary, 2003.

Keywords

Security Patterns, Secure Service Discovery, Trust, Security, Ranking