{"title":"Service network security management (SNSM) framework, a solution to SOSE security challenge","authors":"M. Ahmed, S. Letchmunan, A. S. Baharudin","doi":"10.1109/ICCSCE.2016.7893576","DOIUrl":null,"url":null,"abstract":"SOSE is a novel software development paradigm that results in flexible, loose-coupled and end-to-end applications. However, the adoption of this innovation is slowed by security challenge. Apparently, the use of only TLS (transport layer security) security technique for SOSE systems is inappropriate because it provides only point-to-point security support to the communicating parties. While, an end-to-end security mechanism is necessary to effectively secure SOSE applications. Consequently, this paper provides SNSM framework, a solution to SOSE security challenge by integrating many technologies including OASIS's web service security standard, W3C's XML digital signature and XML encryption standards into SOAP envelope to ensure end-to-end security at the message level. In the implementation of the framework, proxy service, a virtual service hosted in the Enterprise Service Bus (ESB) was used to enforce security services as a Quality of service (QOS) requirement. The results show that SNSM framework recorded 10 millisecond average response time above unsecured service, whereas, the TLS secured service has the largest average response time.","PeriodicalId":6540,"journal":{"name":"2016 6th IEEE International Conference on Control System, Computing and Engineering (ICCSCE)","volume":"82 1","pages":"228-233"},"PeriodicalIF":0.0000,"publicationDate":"2016-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 6th IEEE International Conference on Control System, Computing and Engineering (ICCSCE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCSCE.2016.7893576","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
SOSE is a novel software development paradigm that results in flexible, loose-coupled and end-to-end applications. However, the adoption of this innovation is slowed by security challenge. Apparently, the use of only TLS (transport layer security) security technique for SOSE systems is inappropriate because it provides only point-to-point security support to the communicating parties. While, an end-to-end security mechanism is necessary to effectively secure SOSE applications. Consequently, this paper provides SNSM framework, a solution to SOSE security challenge by integrating many technologies including OASIS's web service security standard, W3C's XML digital signature and XML encryption standards into SOAP envelope to ensure end-to-end security at the message level. In the implementation of the framework, proxy service, a virtual service hosted in the Enterprise Service Bus (ESB) was used to enforce security services as a Quality of service (QOS) requirement. The results show that SNSM framework recorded 10 millisecond average response time above unsecured service, whereas, the TLS secured service has the largest average response time.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
