Extending a Secure System Development Methodology to SOA

The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a meth...

Full description

Saved in:
Bibliographic Details
Main Authors: Fernandez, E.B., Cholmondeley, P., Zimmermann, O.
Format: Conference Proceeding
Language:English
Subjects:
Application software
Authorization
Computer science
Decision trees
Expert systems
Humans
Security
Semiconductor optical amplifiers
Service oriented architecture
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 754
container_issue
container_start_page 749
container_title
container_volume
creator Fernandez, E.B.
Cholmondeley, P.
Zimmermann, O.
description The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology.
doi_str_mv 10.1109/DEXA.2007.104
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_4312994</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>4312994</ieee_id><sourcerecordid>4312994</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-2f13094533925c08627d9a4137a5326aaa460677ffe11c6c07928624c907f0813</originalsourceid><addsrcrecordid>eNotjMtOwzAQAC0eEm3hyImLfyBh13Zi7zFqw0Mq6iEgcausZFOC8qgSg8jfUwlOM4fRCHGLECMC3W_y9yxWADZGMGdiobR1kSZMzsUSbEqJIq3wQizwZJFB567Ecpo-AZDI6YVw-U_gvmr6g_Sy4PJrZFnMU-BObvib2-HYcR_kC4ePoRra4TDLMMhil12Ly9q3E9_8cyXeHvLX9VO03T0-r7Nt1KBNQqRq1EAm0ZpUUoJLla3IG9TWJ1ql3nuTQmptXTNimZZgSZ0iUxLYGhzqlbj7-zbMvD-OTefHeW80KiKjfwH2KETK</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Extending a Secure System Development Methodology to SOA</title><source>IEEE Xplore All Conference Series</source><creator>Fernandez, E.B. ; Cholmondeley, P. ; Zimmermann, O.</creator><creatorcontrib>Fernandez, E.B. ; Cholmondeley, P. ; Zimmermann, O.</creatorcontrib><description>The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology.</description><identifier>ISSN: 1529-4188</identifier><identifier>ISBN: 0769529321</identifier><identifier>ISBN: 9780769529325</identifier><identifier>EISSN: 2378-3915</identifier><identifier>DOI: 10.1109/DEXA.2007.104</identifier><language>eng</language><publisher>IEEE</publisher><subject>Application software ; Authorization ; Computer science ; Decision trees ; Expert systems ; Humans ; Security ; Semiconductor optical amplifiers ; Service oriented architecture</subject><ispartof>18th International Workshop on Database and Expert Systems Applications (DEXA 2007), 2007, p.749-754</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/4312994$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,23930,23931,25140,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/4312994$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Fernandez, E.B.</creatorcontrib><creatorcontrib>Cholmondeley, P.</creatorcontrib><creatorcontrib>Zimmermann, O.</creatorcontrib><title>Extending a Secure System Development Methodology to SOA</title><title>18th International Workshop on Database and Expert Systems Applications (DEXA 2007)</title><addtitle>DEXA</addtitle><description>The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology.</description><subject>Application software</subject><subject>Authorization</subject><subject>Computer science</subject><subject>Decision trees</subject><subject>Expert systems</subject><subject>Humans</subject><subject>Security</subject><subject>Semiconductor optical amplifiers</subject><subject>Service oriented architecture</subject><issn>1529-4188</issn><issn>2378-3915</issn><isbn>0769529321</isbn><isbn>9780769529325</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2007</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotjMtOwzAQAC0eEm3hyImLfyBh13Zi7zFqw0Mq6iEgcausZFOC8qgSg8jfUwlOM4fRCHGLECMC3W_y9yxWADZGMGdiobR1kSZMzsUSbEqJIq3wQizwZJFB567Ecpo-AZDI6YVw-U_gvmr6g_Sy4PJrZFnMU-BObvib2-HYcR_kC4ePoRra4TDLMMhil12Ly9q3E9_8cyXeHvLX9VO03T0-r7Nt1KBNQqRq1EAm0ZpUUoJLla3IG9TWJ1ql3nuTQmptXTNimZZgSZ0iUxLYGhzqlbj7-zbMvD-OTefHeW80KiKjfwH2KETK</recordid><startdate>200709</startdate><enddate>200709</enddate><creator>Fernandez, E.B.</creator><creator>Cholmondeley, P.</creator><creator>Zimmermann, O.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>200709</creationdate><title>Extending a Secure System Development Methodology to SOA</title><author>Fernandez, E.B. ; Cholmondeley, P. ; Zimmermann, O.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-2f13094533925c08627d9a4137a5326aaa460677ffe11c6c07928624c907f0813</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2007</creationdate><topic>Application software</topic><topic>Authorization</topic><topic>Computer science</topic><topic>Decision trees</topic><topic>Expert systems</topic><topic>Humans</topic><topic>Security</topic><topic>Semiconductor optical amplifiers</topic><topic>Service oriented architecture</topic><toplevel>online_resources</toplevel><creatorcontrib>Fernandez, E.B.</creatorcontrib><creatorcontrib>Cholmondeley, P.</creatorcontrib><creatorcontrib>Zimmermann, O.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Fernandez, E.B.</au><au>Cholmondeley, P.</au><au>Zimmermann, O.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Extending a Secure System Development Methodology to SOA</atitle><btitle>18th International Workshop on Database and Expert Systems Applications (DEXA 2007)</btitle><stitle>DEXA</stitle><date>2007-09</date><risdate>2007</risdate><spage>749</spage><epage>754</epage><pages>749-754</pages><issn>1529-4188</issn><eissn>2378-3915</eissn><isbn>0769529321</isbn><isbn>9780769529325</isbn><abstract>The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology.</abstract><pub>IEEE</pub><doi>10.1109/DEXA.2007.104</doi><tpages>6</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1529-4188
ispartof 18th International Workshop on Database and Expert Systems Applications (DEXA 2007), 2007, p.749-754
issn 1529-4188
2378-3915
language eng
recordid cdi_ieee_primary_4312994
source IEEE Xplore All Conference Series
subjects Application software
Authorization
Computer science
Decision trees
Expert systems
Humans
Security
Semiconductor optical amplifiers
Service oriented architecture
title Extending a Secure System Development Methodology to SOA
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T17%3A42%3A20IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Extending%20a%20Secure%20System%20Development%20Methodology%20to%20SOA&rft.btitle=18th%20International%20Workshop%20on%20Database%20and%20Expert%20Systems%20Applications%20(DEXA%202007)&rft.au=Fernandez,%20E.B.&rft.date=2007-09&rft.spage=749&rft.epage=754&rft.pages=749-754&rft.issn=1529-4188&rft.eissn=2378-3915&rft.isbn=0769529321&rft.isbn_list=9780769529325&rft_id=info:doi/10.1109/DEXA.2007.104&rft_dat=%3Cieee_CHZPO%3E4312994%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-2f13094533925c08627d9a4137a5326aaa460677ffe11c6c07928624c907f0813%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=4312994&rfr_iscdi=true