Container-level security certification of services

Marco Anisetti, Claudio A. Ardagna, Ernesto Damiani

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

The increasing success of the Service-Oriented Architecture (SOA) paradigm has fostered the implementation of complex services, including business processes, via dynamic selection and composition of remote services providing single functionality. Run-time selection and composition of services require the deployment of high-level security standards for the SOA infrastructure, to increase the confidence of both service consumers and providers that the services satisfy their security requirements and behave as expected. In this context, certification can play a fundamental role and provide the evidence that a set of properties hold for a given service. Security certification of services can involve two different aspects: i) the evaluation of the container in which the service is deployed, in terms of compliance with web service security standards and policies; ii) the verification and validation of the service implementation. In this chapter, we focus on the first aspect and we propose an overview of container-level certification of services.

Original languageBritish English
Title of host publicationBusiness System Management and Engineering
Subtitle of host publicationFrom Open Issues to Applications
Pages93-108
Number of pages16
DOIs
StatePublished - 2012
EventInternational Workshop on Business System Management and Engineering, BSME 2010 - Malaga, Spain
Duration: 28 Jun 201028 Jun 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7350 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceInternational Workshop on Business System Management and Engineering, BSME 2010
Country/TerritorySpain
CityMalaga
Period28/06/1028/06/10

Fingerprint

Dive into the research topics of 'Container-level security certification of services'. Together they form a unique fingerprint.

Cite this