International Journal of Sensors, Wireless Communications and Control

Author(s): Anurag Shashwat *, Deepak Kumar and Lovneesh Chanana

DOI: 10.2174/2210327909666190710122505

A Framework with Enhanced Security for Service Oriented Architecture

Page: [325 - 333] Pages: 9

  • * (Excluding Mailing and Handling)

Abstract

Background: Service Oriented Architecture is one of the acceptable frameworks for application development which provides better functionality such as composability, reliability, reusability, distributed deployment and interoperability which meet enterprises dynamics. So, SOA framework is a point of attraction for consumers.

Objectives: However, SOA framework fails to provide security at a granular level. Along with SOA functionality, the consumer also needs a secure environment so that each application can be reliable.

Methods: SOA functionality like modularity and reusability are helpful in cross-organization context but these quality requirements reduce the security of the applications. In the past years, many security techniques have been provided by different researchers, still, security is a concern of SOA framework.

Result: Most of the research focus security enhancement at higher layers of SOA reference architecture only so that SOA functionality remains unaffected. In this paper, the author(s) provided a framework which enhances the security at both the higher layer and lower layer.

Conclusion: Also, this framework focuses on security enhancement at the granular level so that application-level security can be enhanced. The author(s) also included a technique to keep SLA similar to the exiting application after the implementation of security at each layer. This framework will be helpful in enhancing the end to end security and reliability of an application.

Keywords: Framework, securiy, reliability, service level agreement, SOA framework, modularity.

Graphical Abstract

[1]
Shashwat A, Kumar D, Chanana L. An end to end security framework for service oriented architecture. 2017 International Conference on Infocom Technologies and Unmanned Systems (Trends and Future Directions) (ICTUS), Dubai, United Arab Emirates.
[2]
Shashwat A, Kumar D. A service identification model for service oriented architecture. 2017 3rd International Conference on Computational Intelligence Communication Technology (CICT) Ghaziabad, India.
[3]
Shashwat A, Kumar D. Service identification by enhanced K mean algorithm in service oriented architecture. Int J Process Manag Benchmark 2020; 1: 132-46.
[4]
Masood A. Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities in financial services. 2013 IEEE International Conference on Technologies for Homeland Security (HST)., Waltham, MA, USA.
[5]
Badr Y, Banerjee S. Managing end-to-end security risks with fuzzy logic in service-oriented architectures. 2013 IEEE Ninth World Congress on Services Santa Clara, CA, USA.
[6]
Mehdi A, Bharat B, Pelin A, et al. An end-to-end security auditing approach for service-oriented architectures. 2012 IEEE 31st Symposium on Reliable Distributed Systems, Irvine, CA, USA.
[7]
Ouda AH, Allison DS, Capretz MAM. Security protocols in service-oriented architecture. 2010 6th World Congress on Services., Miami, FL, Florida.
[8]
Borek M, Moebius N, Stenzel K, Reif W. Model-driven development of secure service applications. 2012 35th Annual IEEE Software Engineering Workshop Heraclion Crete, Greece.
[9]
Wada H, Suzuki J, Oba K. A service-oriented design framework for secure network applications. 30th Annual International Computer Software and Applications Conference (COMPSAC’06) Chicago, IL, Illinois.
[10]
Michael P. Web services technology in support of business transactions 2007.
[11]
Sietse O, Marijn J, Bommel P. Designing, formalizing, and evaluating a flexible architecture for integrated service delivery: Combining event-driven and service-oriented architectures. Service Orient Comput Appl 2012; 6(3): 1-10.
[12]
Karastoyanova D, Houspanossian A, Cilia M, Leymann F, Buchmann A. Extending BPEL for run time adaptability. Ninth IEEE International EDOC Enterprise Computing Conference (EDOC’05). Enschede, Netherlands.
[13]
Ali A. Service Oriented Architecture and Process, Research paper 2006.
[14]
Arsanjani A, Ghosh S, Allam A, Abdollah T, Ganapathy S, Holley K. SOMA: “A method for developing service-oriented solutions. IBM Syst J 2008; 47(3): 377-96.
[http://dx.doi.org/10.1147/sj.473.0377]
[15]
Endrei M. Patterns: Service-oriented Architecture and Web Services Redbook 2004.
[16]
Thomas E. Service-oriented architecture: Concepts. Technology, and Design ACM Digital Library 2005.
[17]
Mohamed IB, Mohamed SAR. Identifying SOA security threats using web mining. Int J Comput Appl 2015; 120(4): 8-15.
[18]
Jamshidi P, Sharif M, Mansour S. Establish enterprise service model from enterprise business model. IEEE Int Conf Serv Comput 2008; 1: 93-100.
[19]
Meier F. Service oriented architecture maturity models: A guide to SOA Adoption 2006.
[20]
Veger M. A stage maturity model for the adoption of an enterprise wide service-oriented architecture. SMM-SOA 2008.
[21]
Chou DC, Yurov K. Security development in web services environment. Comput Stand Interfaces 2005; 27(3): 233-40.
[http://dx.doi.org/10.1016/S0920-5489(04)00099-6]
[22]
Deepali T. Towards introducing and implementation of SOA design antipatterns. Int J Comput Theory Eng 2014; 6(1): 20-5.
[23]
Srinivasan L. An overview of Service Oriented Architecture, Web Services and Grid Computing HP (Hewlett Packard) White Paper 2006.
[24]
Mohtashim AB. Umm-e- Habiba, Farooque A. Limitations of Service Oriented Architecture and its Combination with Cloud Computing. Uni J Inform Tongxin Jishu 2015; 8(1): 1.
[25]
Joshi J, Singh N. kumara M. Web service oriented architecture modeling with pattern for electronic business organization. Int J Adv Res Comput Sci Softw Eng 2012; 2(9): 1-14.