City Research Online

Security-aware selection of Web Services for Reliable Composition

Khani, S., Gacek, C. & Popov, P. T. (2015). Security-aware selection of Web Services for Reliable Composition. Paper presented at the 11th European Dependable Computing Conference, Student Forum, September 7-11 2015, Paris, France.

Abstract

Dependability is an important characteristic that a trustworthy computer system should have. It is a measure of Availability, Reliability, Maintainability, Safety and Security. The focus of our research is on security of web services. Web services enable the composition of independent services with complementary functionalities to produce value-added services, which allows organizations to implement their core business only and outsource other service components over the Internet, either pre-selected or on-the-fly. The selected third party web services may have security vulnerabilities. Vulnerable web services are of limited practical use. We propose to use an intrusion-tolerant composite web service for each functionality that should be fulfilled by a third party web service. The third party services employed in this approach should be selected based on their security vulnerabilities in addition to their performance. The security vulnerabilities of the third party services are assessed using a penetration testing tool. In this paper we present our preliminary research work.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: Yann Busnel. 11th European Dependable Computing Conference (EDCC 2015), Sep 2015, Paris, France. 2015, Proceedings of Student Forum - EDCC 2015
Publisher Keywords: Web Services, Selection, Security, Penetration Testing
Subjects: T Technology
Departments: School of Science & Technology
Related URLs:
[thumbnail of 1510.02391v1.pdf]
Preview
Text - Draft Version
Download (313kB) | Preview

Export

Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login