Following the Service-Oriented Architecture (SOA) and the Cloud paradigms, an increasing number of organizations implement their business processes and applications via runtime composition of services made available on the cloud by single suppliers. This scenario however introduces new security risks and threats, as the service providers may not provide the level of assurance required by their customers. There is therefore the need of a new certification scheme for services that provides trusted evidence that a service has some security properties, and a matching infrastructure to compare service certificates with users' certification preferences. In this paper, we propose a first solution to the definition of a test-based certification process for SOA.

Defining and matching test-based certificates in Open SOA / M. Anisetti, C.A. Ardagna, E. Damiani - In: Fourth IEEE international conference on software testing, verification, and validation workshops : Berlin, Germany, 21–25 march 2011 : proceedingsLos Alamitos : Institute of electrical and electronics engineers, 2011. - ISBN 9781457700194. - pp. 520-522 (( Intervento presentato al 4. convegno IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops (ICSTW) tenutosi a Berlin nel 2011 [10.1109/ICSTW.2011.7].

Defining and matching test-based certificates in Open SOA

M. Anisetti
Primo
;
C.A. Ardagna
Secondo
;
E. Damiani
Ultimo
2011

Abstract

Following the Service-Oriented Architecture (SOA) and the Cloud paradigms, an increasing number of organizations implement their business processes and applications via runtime composition of services made available on the cloud by single suppliers. This scenario however introduces new security risks and threats, as the service providers may not provide the level of assurance required by their customers. There is therefore the need of a new certification scheme for services that provides trusted evidence that a service has some security properties, and a matching infrastructure to compare service certificates with users' certification preferences. In this paper, we propose a first solution to the definition of a test-based certification process for SOA.
Service security certification; SOA; Testing
Settore INF/01 - Informatica
   Advanced Security Service cERTificate for SOA
   ASSERT4SOA
   EUROPEAN COMMISSION
   FP7
   257351
2011
Institute of electrical and electronics engineers
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
Anisetti.pdf

Open Access dal 02/05/2013

Tipologia: Publisher's version/PDF
Dimensione 183.82 kB
Formato Adobe PDF
183.82 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/160426
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 4
  • ???jsp.display-item.citation.isi??? ND
social impact