Defining and matching test-based certificates in Open SOA

Anisetti, M.; Ardagna, C.A.; Damiani, E.

doi:10.1109/ICSTW.2011.7

Following the Service-Oriented Architecture (SOA) and the Cloud paradigms, an increasing number of organizations implement their business processes and applications via runtime composition of services made available on the cloud by single suppliers. This scenario however introduces new security risks and threats, as the service providers may not provide the level of assurance required by their customers. There is therefore the need of a new certification scheme for services that provides trusted evidence that a service has some security properties, and a matching infrastructure to compare service certificates with users' certification preferences. In this paper, we propose a first solution to the definition of a test-based certification process for SOA.

Defining and matching test-based certificates in Open SOA / M. Anisetti, C.A. Ardagna, E. Damiani - In: Fourth IEEE international conference on software testing, verification, and validation workshops : Berlin, Germany, 21–25 march 2011 : proceedingsLos Alamitos : Institute of electrical and electronics engineers, 2011. - ISBN 9781457700194. - pp. 520-522 (( Intervento presentato al 4. convegno IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops (ICSTW) tenutosi a Berlin nel 2011 [10.1109/ICSTW.2011.7].

Defining and matching test-based certificates in Open SOA

M. Anisetti^Primo;C.A. Ardagna^Secondo;E. Damiani^Ultimo

2011

Abstract

Following the Service-Oriented Architecture (SOA) and the Cloud paradigms, an increasing number of organizations implement their business processes and applications via runtime composition of services made available on the cloud by single suppliers. This scenario however introduces new security risks and threats, as the service providers may not provide the level of assurance required by their customers. There is therefore the need of a new certification scheme for services that provides trusted evidence that a service has some security properties, and a matching infrastructure to compare service certificates with users' certification preferences. In this paper, we propose a first solution to the definition of a test-based certification process for SOA.

Scheda breve

Scheda completa

Scheda completa (DC)

	Parole chiave
	
				Service security certification; SOA; Testing
			
	Settori scientifico-disciplinari del contributo (sola visualizzazione)
	
				Settore INF/01 - Informatica
			
	Titolo del progetto
	
	Titolo Progetto
	
									Advanced Security Service cERTificate for SOA
								
	Acronimo
	
									ASSERT4SOA
								
	Nome finanziatore
	
										EUROPEAN COMMISSION
									
	Finanziamento
	
									FP7
								
	N. Contratto
	
									257351 
								
	Data di pubblicazione
	
				2011
			
	Enti collegati al convegno
	
				Institute of electrical and electronics engineers
			
	DOI
	
				https://dx.doi.org/10.1109/ICSTW.2011.7
			
	Tipologia
	
				Book Part (author)
			
	Appare nelle tipologie:
	
				03 - Contributo in volume

File in questo prodotto:

File	Dimensione	Formato
Anisetti.pdf Open Access dal 02/05/2013 Tipologia: Publisher's version/PDF Dimensione 183.82 kB Formato Adobe PDF Visualizza/Apri	183.82 kB	Adobe PDF	Visualizza/Apri

Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/160426

Citazioni

ND

4

ND

IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca