Abstract
Best practices currently state that the security requirements and security architectures of distributed software-intensive systems should be based on security risk assessments, which have been designed from security patterns, are implemented in security standards and are tool-supported throughout their development life-cycle. Web service-based information systems uphold inter-enterprise relations through the Internet, and this technology has been revealed as the reference solution with which to implement Service-Oriented Architectures. In this paper, we present the application of the Process for Web Service Security (PWSSec), developed by the authors, to a real web service-based case study. The manner in which security in inter-organizational information systems can be analyzed, designed and implemented by applying PWSSec, which combines a risk analysis and management, along with a security architecture and a standard-based approach, is also shown. We additionally present a tool built to provide support to the PWSSec process.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
