A low-cost security certification scheme for evolving services

Marco Anisetti, Claudio A. Ardagna, Ernesto Damiani

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

24 Scopus citations

Abstract

Security certification schemes for Service-Oriented Architecture (SOA) extend service specifications with the evidence that a service supports a set of security properties and provides a given level of assurance. However, services are subject to continuous refinements, and uncontrolled changes can easily invalidate existing certification results and require re-certification from scratch, with high costs and overheads on service providers. In this paper, we present an approach to manage the impact of service evolution on security certification. Our approach aims to support the incremental certification of evolving services and re-use, as much as possible, the certification evidence available from older certificates in the release of a new certificate.

Original languageBritish English
Title of host publicationProceedings - 2012 IEEE 19th International Conference on Web Services, ICWS 2012
Pages122-129
Number of pages8
DOIs
StatePublished - 2012
Event2012 IEEE 19th International Conference on Web Services, ICWS 2012 - Honolulu, HI, United States
Duration: 24 Jun 201229 Jun 2012

Publication series

NameProceedings - 2012 IEEE 19th International Conference on Web Services, ICWS 2012

Conference

Conference2012 IEEE 19th International Conference on Web Services, ICWS 2012
Country/TerritoryUnited States
CityHonolulu, HI
Period24/06/1229/06/12

Keywords

  • Evolving services
  • Model-based testing
  • Security certification
  • SOA

Fingerprint

Dive into the research topics of 'A low-cost security certification scheme for evolving services'. Together they form a unique fingerprint.

Cite this