Best-practice patterns and tool support for configuring secure Web services messaging

Best-practice patterns and tool support for configuring secure Web services messaging

This paper presents an emerging tool for security configuration of service-oriented architectures with Web Services. Security is a major concern when implementing mission-critical business transactions and such concern motivated the development of Web Services Security (WS-Security). However, the ex...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Tatsubori, M., Imamura, T., Nakamura, Y.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Application software
Cryptography
Data security
Laboratories
Mission critical systems
Service oriented architecture
Standardization
Usability
Web and internet services
Web services
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 251
container_issue
container_start_page 244
container_title
container_volume
creator Tatsubori, M.
Imamura, T.
Nakamura, Y.
description This paper presents an emerging tool for security configuration of service-oriented architectures with Web Services. Security is a major concern when implementing mission-critical business transactions and such concern motivated the development of Web Services Security (WS-Security). However, the existing tools for configuring the security properties of Web Services give a technology-oriented view, and only assist in choosing the data to encrypt and selecting an encryption algorithm. The users must construct their own mental models of how the security configurations actually relate to business policies. In contrast, the tool described here gives a simplified, business-policy-oriented view. It models the messaging with customers and business partners, lists various threats, and presents best-practice security patterns against the threats. A user can select among variations on the basic patterns according to the business policies, and then apply them to the messaging model through the GUI. The result of the pattern application is described in the Web Services Security Policy Language (WS-Security Policy).
doi_str_mv 10.1109/ICWS.2004.1314745
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_1314745</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1314745</ieee_id><sourcerecordid>1314745</sourcerecordid><originalsourceid>FETCH-LOGICAL-i239t-ca34017410c47e34213a3dc37bc006d3cd7ec312af6fb3ebb2adb7db56a493683</originalsourceid><addsrcrecordid>eNotj89KxDAYxAMiqOs-gHjJC7Qm-dKkPWpRd2HBgy57XPLna4nstiVJBd_egjuXGfgxA0PIA2cl56x52raHz1IwJksOXGpZXZE7plVTCa403JB1St9sUVXVTa1uyf4FUy6maFwODulkcsY4JGoGT_M4nmiap2mMmXZjpG4cutDPMQw9TejmiPSAdonxZyknesaUTL_Qe3LdmVPC9cVXZP_2-tVuit3H-7Z93hVBQJMLZ0AyriVnTmoEKTgY8A60dYwpD85rdMCF6VRnAa0VxlvtbaWMbEDVsCKP_7sBEY9TDGcTf4-X5_AHvutQiw</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Best-practice patterns and tool support for configuring secure Web services messaging</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Tatsubori, M. ; Imamura, T. ; Nakamura, Y.</creator><creatorcontrib>Tatsubori, M. ; Imamura, T. ; Nakamura, Y.</creatorcontrib><description>This paper presents an emerging tool for security configuration of service-oriented architectures with Web Services. Security is a major concern when implementing mission-critical business transactions and such concern motivated the development of Web Services Security (WS-Security). However, the existing tools for configuring the security properties of Web Services give a technology-oriented view, and only assist in choosing the data to encrypt and selecting an encryption algorithm. The users must construct their own mental models of how the security configurations actually relate to business policies. In contrast, the tool described here gives a simplified, business-policy-oriented view. It models the messaging with customers and business partners, lists various threats, and presents best-practice security patterns against the threats. A user can select among variations on the basic patterns according to the business policies, and then apply them to the messaging model through the GUI. The result of the pattern application is described in the Web Services Security Policy Language (WS-Security Policy).</description><identifier>ISBN: 0769521673</identifier><identifier>ISBN: 9780769521671</identifier><identifier>DOI: 10.1109/ICWS.2004.1314745</identifier><language>eng</language><publisher>IEEE</publisher><subject>Application software ; Cryptography ; Data security ; Laboratories ; Mission critical systems ; Service oriented architecture ; Standardization ; Usability ; Web and internet services ; Web services</subject><ispartof>Proceedings. IEEE International Conference on Web Services, 2004, 2004, p.244-251</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1314745$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,4050,4051,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1314745$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Tatsubori, M.</creatorcontrib><creatorcontrib>Imamura, T.</creatorcontrib><creatorcontrib>Nakamura, Y.</creatorcontrib><title>Best-practice patterns and tool support for configuring secure Web services messaging</title><title>Proceedings. IEEE International Conference on Web Services, 2004</title><addtitle>ICWS</addtitle><description>This paper presents an emerging tool for security configuration of service-oriented architectures with Web Services. Security is a major concern when implementing mission-critical business transactions and such concern motivated the development of Web Services Security (WS-Security). However, the existing tools for configuring the security properties of Web Services give a technology-oriented view, and only assist in choosing the data to encrypt and selecting an encryption algorithm. The users must construct their own mental models of how the security configurations actually relate to business policies. In contrast, the tool described here gives a simplified, business-policy-oriented view. It models the messaging with customers and business partners, lists various threats, and presents best-practice security patterns against the threats. A user can select among variations on the basic patterns according to the business policies, and then apply them to the messaging model through the GUI. The result of the pattern application is described in the Web Services Security Policy Language (WS-Security Policy).</description><subject>Application software</subject><subject>Cryptography</subject><subject>Data security</subject><subject>Laboratories</subject><subject>Mission critical systems</subject><subject>Service oriented architecture</subject><subject>Standardization</subject><subject>Usability</subject><subject>Web and internet services</subject><subject>Web services</subject><isbn>0769521673</isbn><isbn>9780769521671</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2004</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotj89KxDAYxAMiqOs-gHjJC7Qm-dKkPWpRd2HBgy57XPLna4nstiVJBd_egjuXGfgxA0PIA2cl56x52raHz1IwJksOXGpZXZE7plVTCa403JB1St9sUVXVTa1uyf4FUy6maFwODulkcsY4JGoGT_M4nmiap2mMmXZjpG4cutDPMQw9TejmiPSAdonxZyknesaUTL_Qe3LdmVPC9cVXZP_2-tVuit3H-7Z93hVBQJMLZ0AyriVnTmoEKTgY8A60dYwpD85rdMCF6VRnAa0VxlvtbaWMbEDVsCKP_7sBEY9TDGcTf4-X5_AHvutQiw</recordid><startdate>2004</startdate><enddate>2004</enddate><creator>Tatsubori, M.</creator><creator>Imamura, T.</creator><creator>Nakamura, Y.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2004</creationdate><title>Best-practice patterns and tool support for configuring secure Web services messaging</title><author>Tatsubori, M. ; Imamura, T. ; Nakamura, Y.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i239t-ca34017410c47e34213a3dc37bc006d3cd7ec312af6fb3ebb2adb7db56a493683</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2004</creationdate><topic>Application software</topic><topic>Cryptography</topic><topic>Data security</topic><topic>Laboratories</topic><topic>Mission critical systems</topic><topic>Service oriented architecture</topic><topic>Standardization</topic><topic>Usability</topic><topic>Web and internet services</topic><topic>Web services</topic><toplevel>online_resources</toplevel><creatorcontrib>Tatsubori, M.</creatorcontrib><creatorcontrib>Imamura, T.</creatorcontrib><creatorcontrib>Nakamura, Y.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Tatsubori, M.</au><au>Imamura, T.</au><au>Nakamura, Y.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Best-practice patterns and tool support for configuring secure Web services messaging</atitle><btitle>Proceedings. IEEE International Conference on Web Services, 2004</btitle><stitle>ICWS</stitle><date>2004</date><risdate>2004</risdate><spage>244</spage><epage>251</epage><pages>244-251</pages><isbn>0769521673</isbn><isbn>9780769521671</isbn><abstract>This paper presents an emerging tool for security configuration of service-oriented architectures with Web Services. Security is a major concern when implementing mission-critical business transactions and such concern motivated the development of Web Services Security (WS-Security). However, the existing tools for configuring the security properties of Web Services give a technology-oriented view, and only assist in choosing the data to encrypt and selecting an encryption algorithm. The users must construct their own mental models of how the security configurations actually relate to business policies. In contrast, the tool described here gives a simplified, business-policy-oriented view. It models the messaging with customers and business partners, lists various threats, and presents best-practice security patterns against the threats. A user can select among variations on the basic patterns according to the business policies, and then apply them to the messaging model through the GUI. The result of the pattern application is described in the Web Services Security Policy Language (WS-Security Policy).</abstract><pub>IEEE</pub><doi>10.1109/ICWS.2004.1314745</doi><tpages>8</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 0769521673
ispartof Proceedings. IEEE International Conference on Web Services, 2004, 2004, p.244-251
issn
language eng
recordid cdi_ieee_primary_1314745
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Application software
Cryptography
Data security
Laboratories
Mission critical systems
Service oriented architecture
Standardization
Usability
Web and internet services
Web services
title Best-practice patterns and tool support for configuring secure Web services messaging
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T02%3A10%3A01IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Best-practice%20patterns%20and%20tool%20support%20for%20configuring%20secure%20Web%20services%20messaging&rft.btitle=Proceedings.%20IEEE%20International%20Conference%20on%20Web%20Services,%202004&rft.au=Tatsubori,%20M.&rft.date=2004&rft.spage=244&rft.epage=251&rft.pages=244-251&rft.isbn=0769521673&rft.isbn_list=9780769521671&rft_id=info:doi/10.1109/ICWS.2004.1314745&rft_dat=%3Cieee_6IE%3E1314745%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1314745&rfr_iscdi=true