Security-aware selection of Web Services for Reliable Composition

Khani, S., Gacek, C. & Popov, P. T. (2015). Security-aware selection of Web Services for Reliable Composition. Paper presented at the 11th European Dependable Computing Conference, Student Forum, September 7-11 2015, Paris, France.

[img]
Preview
Text - Draft Version
Download (313kB) | Preview

Abstract

Dependability is an important characteristic that a trustworthy computer system should have. It is a measure of Availability, Reliability, Maintainability, Safety and Security. The focus of our research is on security of web services. Web services enable the composition of independent services with complementary functionalities to produce value-added services, which allows organizations to implement their core business only and outsource other service components over the Internet, either pre-selected or on-the-fly. The selected third party web services may have security vulnerabilities. Vulnerable web services are of limited practical use. We propose to use an intrusion-tolerant composite web service for each functionality that should be fulfilled by a third party web service. The third party services employed in this approach should be selected based on their security vulnerabilities in addition to their performance. The security vulnerabilities of the third party services are assessed using a penetration testing tool. In this paper we present our preliminary research work.

Item Type: Conference or Workshop Item (Paper)
Additional Information: Yann Busnel. 11th European Dependable Computing Conference (EDCC 2015), Sep 2015, Paris, France. 2015, Proceedings of Student Forum - EDCC 2015
Uncontrolled Keywords: Web Services, Selection, Security, Penetration Testing
Subjects: T Technology
Divisions: School of Engineering & Mathematical Sciences
Related URLs:
URI: http://openaccess.city.ac.uk/id/eprint/12786

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics