{"title":"Managing End-to-End Security Risks with Fuzzy Logic in Service-Oriented Architectures","authors":"Y. Badr, S. Banerjee","doi":"10.1109/SERVICES.2013.28","DOIUrl":null,"url":null,"abstract":"Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.","PeriodicalId":169370,"journal":{"name":"2013 IEEE Ninth World Congress on Services","volume":"162 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Ninth World Congress on Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2013.28","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
