Integral security model for the exchange of objects in Service Oriented Architecture

  1. Rodriguez-Priego, E. 1
  2. Garcia-Izquierdo, F.J. 1
  1. 1 Universidad de La Rioja
    info

    Universidad de La Rioja

    Logroño, España

    ROR https://ror.org/0553yr311

Libro:
WEBIST 2009 - Proceedings of the 5th International Conference on Web Information Systems and Technologies

ISBN: 978-989-8111-81-4

Año de publicación: 2009

Páginas: 60-65

Tipo: Capítulo de Libro

SCOPUS: 2-s2.0-67650560022 WoS: WOS:000267048800009 GOOGLE SCHOLAR
Repositorio institucional: lock_openAcceso abierto Postprint

Resumen

Nowadays, security approaches and solutions for SOA focus mainly on messages and data, but they forget the code security (both service code and exchanged code). Moreover, some security aspects (e.g. validity, correctness...) are usually forgotten. We state that any security approach will be incomplete if the security of both data (messages) and code (service code) is not addressed in a general sense. In this paper, we extend a previous approach about securing code in SOA. We analyze general problems related to the exchange of code and state in SOA and in the specific case of Web Services architectures. A new general model of security is presented. This model covers any aspect related to the authorship, distribution, transformation, execution and validation of both code and data.