Integral security model for the exchange of objects in Service Oriented Architecture

  1. Rodriguez-Priego, E. 1
  2. Garcia-Izquierdo, F.J. 1
  1. 1 Universidad de La Rioja
    info

    Universidad de La Rioja

    Logroño, España

    ROR https://ror.org/0553yr311

Book:
WEBIST 2009 - Proceedings of the 5th International Conference on Web Information Systems and Technologies

ISBN: 978-989-8111-81-4

Year of publication: 2009

Pages: 60-65

Type: Book chapter

beta Ver similares en nube de resultados
SCOPUS: 2-s2.0-67650560022 WoS: WOS:000267048800009 GOOGLE SCHOLAR
Institutional repository: lock_openOpen access Postprint

Abstract

Nowadays, security approaches and solutions for SOA focus mainly on messages and data, but they forget the code security (both service code and exchanged code). Moreover, some security aspects (e.g. validity, correctness...) are usually forgotten. We state that any security approach will be incomplete if the security of both data (messages) and code (service code) is not addressed in a general sense. In this paper, we extend a previous approach about securing code in SOA. We analyze general problems related to the exchange of code and state in SOA and in the specific case of Web Services architectures. A new general model of security is presented. This model covers any aspect related to the authorship, distribution, transformation, execution and validation of both code and data.