Towards a Reuse-oriented Security Engineering for Web-based Applications and Services-12-04-05-formatted
نویسندگان
چکیده
Security should be considered throughout a software development process to develop secure applications. This security engineering effort is restricted due to the complexity and diffusion of todays security knowledge. Approaches, such as misuse cases for threat specification and patterns for security functionality modeling, try to use and integrate security into software development, but their combined use is still difficult. In this paper a framework for developing secure software systems is presented, which aims at incorporating and unifying existing security engineering approaches by applying well-established reuse-oriented software development paradigms, such as service-orientation. The security-related activities and reusable artifacts of important development phases are discussed and the mapping of artifacts between different development phases is presented. Keywords-security engineering; software development; security patterns; service-orientation
منابع مشابه
Security Requirements for Web Services based on SIREN
Security in web services-based systems is a critical aspect since their operative infrastructure is based on Internet, which is a public medium and so intrinsically insecure. At present, there is an outstanding movement in industry towards the standardization of the security mechanisms to be used in web services-based systems. Given that the number of these security standards and mechanisms is ...
متن کاملA View-based Approach for Service-Oriented Security Architecture Specification
Developing secure software is still a software engineering challenge because of the complexity of software security. Yet integrating security engineering and software engineering is increasingly important, especially for serviceoriented applications, as they are exposed to new security challenges due to their open nature. Current security engineering approaches do not consider existing security...
متن کاملAutomatic QoS-aware Web Services Composition based on Set-Cover Problem
By definition, web-services composition works on developing merely optimum coordination among a number of available web-services to provide a new composed web-service intended to satisfy some users requirements for which a single web service is not (good) enough. In this article, the formulation of the automatic web-services composition is proposed as several set-cover problems and an approxima...
متن کاملWSLS: An Agile System Facilitating the Production of Service-Oriented Web Applications
The process of application evolution in the Web poses a tremendous challenge for Web Engineering. Changing requirements demand solutions providing flexibility beyond mere adaptation on the surface. The shift towards agile systems results in advantages noticeable during the whole application lifecycle. By enabling a reconfigurable composition of the overall system, a reduction of development and...
متن کاملDesign Web Services: Towards Service Reuse at the Design Level
Service oriented software development has gained more and more importance in the area of e-business. Most researchers focus on the semantic description of Web services and automated composition but pay little attention to how to design Web services for supporting service reuse effectively, thus a substantial amount of modeling and programming is still required. In this paper, a pattern oriented...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012