Service network security management (SNSM) framework, a solution to SOSE security challenge

Abstract

SOSE is a novel software development paradigm that results in flexible, loose-coupled and end-to-end applications. However, the adoption of this innovation is slowed by security challenge. Apparently, the use of only TLS (transport layer security) security technique for SOSE systems is inappropriate because it provides only point-to-point security support to the communicating parties. While, an end-to-end security mechanism is necessary to effectively secure SOSE applications. Consequently, this paper provides SNSM framework, a solution to SOSE security challenge by integrating many technologies including OASIS's web service security standard, W3C's XML digital signature and XML encryption standards into SOAP envelope to ensure end-to-end security at the message level. In the implementation of the framework, proxy service, a virtual service hosted in the Enterprise Service Bus (ESB) was used to enforce security services as a Quality of service (QOS) requirement. The results show that SNSM framework recorded 10 millisecond average response time above unsecured service, whereas, the TLS secured service has the largest average response time.