SecureSOA Modelling Security Requirements for Service-Oriented Architectures

Michael Menzel, Christoph Meinel
2010 2010 IEEE International Conference on Services Computing  
Service-oriented Architectures (SOA) facilitate the provision and orchestration of business services to enable a faster adoption to changing business demands. Web Services provide a technical foundation to realize this paradigm and support a variety of different security mechanisms and approaches. Security requirements are codified in Web Service policies that control the service's behavior in terms of secure interactions with other participants in an SOA. To facilitate and simplify the
more » ... on of enforceable security policies, we foster a model-driven approach based on the modelling of security requirements in system design models. This paper introduces our security design language Se-cureSOA that enables the definition of these security requirements. We present the abstract syntax and notion of SecureSOA and describe a schema to integrate SecureSOA in any system design language for servicebased systems. Moreover, we will demonstrate the integration of SecureSOA in Fundamental Modelling Concept (FMC) Block Diagrams.
doi:10.1109/scc.2010.63 dblp:conf/IEEEscc/MenzelM10 fatcat:iy6l3wbs2rczzggrglrqu2ttay