Extending a Secure System Development Methodology to SOA

The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a meth...

Full description

Saved in:
Bibliographic Details
Main Authors: Fernandez, E.B., Cholmondeley, P., Zimmermann, O.
Format: Conference Proceeding
Language:English
Subjects:
Application software
Authorization
Computer science
Decision trees
Expert systems
Humans
Security
Semiconductor optical amplifiers
Service oriented architecture
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology.
ISSN:1529-4188
2378-3915
DOI:10.1109/DEXA.2007.104