CFP last date
15 November 2024
Reseach Article

Building Trust for Web Services Security Patterns

by V. Prasath
International Journal of Applied Information Systems
Foundation of Computer Science (FCS), NY, USA
Volume 3 - Number 2
Year of Publication: 2012
Authors: V. Prasath
http:/ijais12-450454

V. Prasath . Building Trust for Web Services Security Patterns. International Journal of Applied Information Systems. 3, 2 ( July 2012), 14-20. DOI=http:/ijais12-450454

@article{ http:/ijais12-450454,
author = { V. Prasath },
title = { Building Trust for Web Services Security Patterns },
journal = { International Journal of Applied Information Systems },
issue_date = { July 2012 },
volume = { 3 },
number = { 2 },
month = { July },
year = { 2012 },
issn = { 2249-0868 },
pages = { 14-20 },
numpages = {9},
url = { https://www.ijais.org/archives/volume3/number2/203-0454/ },
doi = { http:/ijais12-450454 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2023-07-05T10:45:24.362781+05:30
%A V. Prasath
%T Building Trust for Web Services Security Patterns
%J International Journal of Applied Information Systems
%@ 2249-0868
%V 3
%N 2
%P 14-20
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Security is a very important aspect for web service technology. Many people find the idea of creating security metrics to be a daunting task. Secure web service discovery aims at finding the best component services that satisfy the end-to-end security requirements between service consumer and service provider. The term "metrics or criteria" refers to specific objectives that have defined security measurement. It helps to select the most suitable security configuration according to a consumer business process and different levels of trust. In this paper, we presents a new pattern methodology for web service to address the security issues and propose a scalable security computation based on a heuristic approach which decomposes the complex problem into smaller sub problems that can be solved more efficient than the original problem. We define quality of service (QoS) in security as a set of security requirements a service provider guarantees. We identified several security parameters classified under different criteria to evaluate web services vulnerabilities. Metrics evaluation can be done through heuristic approach where in the security parameters are assigned prioritized weights which meliorates rank of web services.

References
  1. H. F. Tipton and M. Krause, Information Security Management Handbook, CRC Press, 2004.
  2. J. Mirkovic,D-WARD: Source-End Defense Against Distributed Denial-of-service Attacks, Ph. D. Thesis, University of California, LosAngeles, 2003. Handbook, CRC Press, 2004.
  3. Al-Masri, E. ; Mahmoud, Q. H. ; Towards Quality-Driven web service Discovery, P u b l i s h e d by the IEEE Computer Society, IT Pro May/ June 2008.
  4. Spyrost. halkidis, Alexander chatzigeorgiou, George stephanides, "A Practical Evaluation of Security Patterns", Math. Subjects Classification 2000: 94A60, 14G50, 68Q99.
  5. DuanYouxiang1 and Gao Yang. "Evaluating Vulnerabilities Quantitatively Based On the Rank of Web Services Confidentiality", Journal of Next Generation Information Technology, volume 2, Number 1, February, 2011.
  6. Colin Wong and Daniel Grzelak, "A Web Services Security Testing Framework", SIFT SPECIAL PUBLICATION, Information security services, Version 1. 00.
  7. Marco Vieira,Nuno Antunes, and Henrique Madeira "Using Web Security Scanners to Detect Vulnerabilities in Web Services". IEEE/IFIP Intl Conf. on Dependable Systems and Networks, DSN 2009,Lisbon, Portugal, June 2009.
  8. Acunetix Web Vulnerability Scanner, 2008, http://www. acunetix. com/vulnerability-scanner/
  9. John Steven and Gunnar Peterson,"A Metrics Framework to Drive Application Security Improvement", IEEE Security & Privacy, vol. 1, no. 4, 2003, pp. 88–91. H. F. Tipton and M. Krause, Information Security Management Handbook, CRC Press, 2004.
  10. JeffreyR. Williams and George F. Jelen, "A Practical Approach to Measuring Assurance",Document Number ATR 97043, Arca Systems, Inc. , 23 April 1998.
  11. Vu, L. , Hauswirth, M. , and Aberer, K. (2005). "QoS based service selection and ranking with trust and reputation management". In Proc. of the Intl. conf. on Cooperative Information Systems (CoopIS), Agia apa, Cyprus.
  12. Artsiom and Yautsiukhin, "Quality of Protection Determination for Web Services". http://bis. kie. ae. poznan. pl/10th_bis/wsiqs1. pdf
  13. Bachar Alrouh and Gheorghita Ghinea, "A Performance Evaluation of Security Mechanisms for Web services", 2009 Fifth International Conference on Information Assurance and Security.
  14. Alain Geroges Vouffo Feudjio,"Availability Testing for Web Services", ISSN 0085-7130 © Telenor ASA 2009.
  15. D. J. Mandell and S. A. McIlraith. A Bottom-Up Approach to Automating Web Service Discovery, Customization, and Semantic Translation. In the Proceedings of the Twelfth International World Wide Web Conference Workshop on E-Services and the Semantic Web (ESSW'03), Budapest, Hungary, 2003.
Index Terms

Computer Science
Information Sciences

Keywords

Security Patterns Secure Service Discovery Trust Security Ranking