Evaluating fault tolerance in security requirements of web services
It is impossible to identify all of the internal and external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures,...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Tagungsbericht |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 116 |
|---|---|
| container_issue | |
| container_start_page | 111 |
| container_title | |
| container_volume | |
| creator | Mougouei, D. Rahman, W. N. W. A. Moein Almasi, Mohammad |
| description | It is impossible to identify all of the internal and external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures, we need to provide a measurable level of fault tolerance in the security requirements of target web service. Although there are some approaches toward assessing the security of web services but still there is no well-defined evaluation model for security improvement specifically during the requirement engineering phase. This paper introduces a measurement model for evaluating the degree of fault tolerance (FTMM) in security requirements of web services by explicitly factoring the mitigation techniques into the evaluation process which eventually contributes to required level of fault tolerance in security requirements. Our approach evaluates overall tolerance of the target service in the presence of the security faults through evaluating the computational security requirement model (SRM) of the service. We measure fault tolerance of the target web service by taking into consideration the cost, technical ability, impact and flexibility of the security goals established to mitigate the security faults. |
| doi_str_mv | 10.1109/CyberSec.2012.6246125 |
| format | Conference Proceeding |
| fullrecord | <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_6246125</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6246125</ieee_id><sourcerecordid>6246125</sourcerecordid><originalsourceid>FETCH-LOGICAL-i90t-be6b02184137750027d00bf3fb17ea2a39c7c66c95354e75bca58e5818ef884f3</originalsourceid><addsrcrecordid>eNpVj9tKxDAYhCMiKGufQIS8QGv-nHspZT3Aghfu_ZLEPxLpdjVpV_r2FtybnZthvoGBIeQeWAPA2odu9pjfMTScAW80lxq4uiBVayxIbQRILuXlWVZwTapSvtiihQLoG9Ktj66f3JiGTxrd1I90PPSY3RCQpoEWDFNO40wz_kwp4x6HsdBDpL_olzIfU8ByS66i6wtWJ1-R7dN6273Um7fn1-5xU6eWjbVH7RkHK0EYoxjj5oMxH0X0YNBxJ9pggtahVUJJNMoHpywqCxajtTKKFbn7n02IuPvOae_yvDs9F3-Aek4P</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Evaluating fault tolerance in security requirements of web services</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Mougouei, D. ; Rahman, W. N. W. A. ; Moein Almasi, Mohammad</creator><creatorcontrib>Mougouei, D. ; Rahman, W. N. W. A. ; Moein Almasi, Mohammad</creatorcontrib><description>It is impossible to identify all of the internal and external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures, we need to provide a measurable level of fault tolerance in the security requirements of target web service. Although there are some approaches toward assessing the security of web services but still there is no well-defined evaluation model for security improvement specifically during the requirement engineering phase. This paper introduces a measurement model for evaluating the degree of fault tolerance (FTMM) in security requirements of web services by explicitly factoring the mitigation techniques into the evaluation process which eventually contributes to required level of fault tolerance in security requirements. Our approach evaluates overall tolerance of the target service in the presence of the security faults through evaluating the computational security requirement model (SRM) of the service. We measure fault tolerance of the target web service by taking into consideration the cost, technical ability, impact and flexibility of the security goals established to mitigate the security faults.</description><identifier>ISBN: 9781467314251</identifier><identifier>ISBN: 1467314250</identifier><identifier>EISBN: 9781467314244</identifier><identifier>EISBN: 1467314242</identifier><identifier>EISBN: 1467314269</identifier><identifier>EISBN: 9781467314268</identifier><identifier>DOI: 10.1109/CyberSec.2012.6246125</identifier><language>eng</language><publisher>IEEE</publisher><subject>Discrete Fourier transforms ; Equations ; Fault tolerance ; Fault tolerant systems ; Mathematical model ; Security ; security fault ; threat ; vulnerability ; web service ; Web services</subject><ispartof>Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012, p.111-116</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6246125$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,2051,27904,54899</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6246125$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Mougouei, D.</creatorcontrib><creatorcontrib>Rahman, W. N. W. A.</creatorcontrib><creatorcontrib>Moein Almasi, Mohammad</creatorcontrib><title>Evaluating fault tolerance in security requirements of web services</title><title>Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec)</title><addtitle>CyberSec</addtitle><description>It is impossible to identify all of the internal and external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures, we need to provide a measurable level of fault tolerance in the security requirements of target web service. Although there are some approaches toward assessing the security of web services but still there is no well-defined evaluation model for security improvement specifically during the requirement engineering phase. This paper introduces a measurement model for evaluating the degree of fault tolerance (FTMM) in security requirements of web services by explicitly factoring the mitigation techniques into the evaluation process which eventually contributes to required level of fault tolerance in security requirements. Our approach evaluates overall tolerance of the target service in the presence of the security faults through evaluating the computational security requirement model (SRM) of the service. We measure fault tolerance of the target web service by taking into consideration the cost, technical ability, impact and flexibility of the security goals established to mitigate the security faults.</description><subject>Discrete Fourier transforms</subject><subject>Equations</subject><subject>Fault tolerance</subject><subject>Fault tolerant systems</subject><subject>Mathematical model</subject><subject>Security</subject><subject>security fault</subject><subject>threat</subject><subject>vulnerability</subject><subject>web service</subject><subject>Web services</subject><isbn>9781467314251</isbn><isbn>1467314250</isbn><isbn>9781467314244</isbn><isbn>1467314242</isbn><isbn>1467314269</isbn><isbn>9781467314268</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2012</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNpVj9tKxDAYhCMiKGufQIS8QGv-nHspZT3Aghfu_ZLEPxLpdjVpV_r2FtybnZthvoGBIeQeWAPA2odu9pjfMTScAW80lxq4uiBVayxIbQRILuXlWVZwTapSvtiihQLoG9Ktj66f3JiGTxrd1I90PPSY3RCQpoEWDFNO40wz_kwp4x6HsdBDpL_olzIfU8ByS66i6wtWJ1-R7dN6273Um7fn1-5xU6eWjbVH7RkHK0EYoxjj5oMxH0X0YNBxJ9pggtahVUJJNMoHpywqCxajtTKKFbn7n02IuPvOae_yvDs9F3-Aek4P</recordid><startdate>201206</startdate><enddate>201206</enddate><creator>Mougouei, D.</creator><creator>Rahman, W. N. W. A.</creator><creator>Moein Almasi, Mohammad</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201206</creationdate><title>Evaluating fault tolerance in security requirements of web services</title><author>Mougouei, D. ; Rahman, W. N. W. A. ; Moein Almasi, Mohammad</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i90t-be6b02184137750027d00bf3fb17ea2a39c7c66c95354e75bca58e5818ef884f3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2012</creationdate><topic>Discrete Fourier transforms</topic><topic>Equations</topic><topic>Fault tolerance</topic><topic>Fault tolerant systems</topic><topic>Mathematical model</topic><topic>Security</topic><topic>security fault</topic><topic>threat</topic><topic>vulnerability</topic><topic>web service</topic><topic>Web services</topic><toplevel>online_resources</toplevel><creatorcontrib>Mougouei, D.</creatorcontrib><creatorcontrib>Rahman, W. N. W. A.</creatorcontrib><creatorcontrib>Moein Almasi, Mohammad</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mougouei, D.</au><au>Rahman, W. N. W. A.</au><au>Moein Almasi, Mohammad</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Evaluating fault tolerance in security requirements of web services</atitle><btitle>Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec)</btitle><stitle>CyberSec</stitle><date>2012-06</date><risdate>2012</risdate><spage>111</spage><epage>116</epage><pages>111-116</pages><isbn>9781467314251</isbn><isbn>1467314250</isbn><eisbn>9781467314244</eisbn><eisbn>1467314242</eisbn><eisbn>1467314269</eisbn><eisbn>9781467314268</eisbn><abstract>It is impossible to identify all of the internal and external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures, we need to provide a measurable level of fault tolerance in the security requirements of target web service. Although there are some approaches toward assessing the security of web services but still there is no well-defined evaluation model for security improvement specifically during the requirement engineering phase. This paper introduces a measurement model for evaluating the degree of fault tolerance (FTMM) in security requirements of web services by explicitly factoring the mitigation techniques into the evaluation process which eventually contributes to required level of fault tolerance in security requirements. Our approach evaluates overall tolerance of the target service in the presence of the security faults through evaluating the computational security requirement model (SRM) of the service. We measure fault tolerance of the target web service by taking into consideration the cost, technical ability, impact and flexibility of the security goals established to mitigate the security faults.</abstract><pub>IEEE</pub><doi>10.1109/CyberSec.2012.6246125</doi><tpages>6</tpages></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | ISBN: 9781467314251 |
| ispartof | Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012, p.111-116 |
| issn | |
| language | eng |
| recordid | cdi_ieee_primary_6246125 |
| source | IEEE Electronic Library (IEL) Conference Proceedings |
| subjects | Discrete Fourier transforms Equations Fault tolerance Fault tolerant systems Mathematical model Security security fault threat vulnerability web service Web services |
| title | Evaluating fault tolerance in security requirements of web services |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-23T09%3A06%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Evaluating%20fault%20tolerance%20in%20security%20requirements%20of%20web%20services&rft.btitle=Proceedings%20Title:%202012%20International%20Conference%20on%20Cyber%20Security,%20Cyber%20Warfare%20and%20Digital%20Forensic%20(CyberSec)&rft.au=Mougouei,%20D.&rft.date=2012-06&rft.spage=111&rft.epage=116&rft.pages=111-116&rft.isbn=9781467314251&rft.isbn_list=1467314250&rft_id=info:doi/10.1109/CyberSec.2012.6246125&rft_dat=%3Cieee_6IE%3E6246125%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=9781467314244&rft.eisbn_list=1467314242&rft.eisbn_list=1467314269&rft.eisbn_list=9781467314268&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6246125&rfr_iscdi=true |