Attack surface-based security metric framework for service selection and composition. (2017)
- Record Type:
- Journal Article
- Title:
- Attack surface-based security metric framework for service selection and composition. (2017)
- Main Title:
- Attack surface-based security metric framework for service selection and composition
- Authors:
- Elshaafi, Hisain
McGibney, Jimmy
Botvich, Dmitri - Abstract:
- Security in service-oriented computing is important in ensuring trustworthiness of services both atomic and composite. However, in order to select and compose services that are most secure and trustworthy, there is a need for metrics to evaluate and rank those services in terms of their security attributes. The area of security metrics and quantification has recently gained significant attention and made some progress. This paper proposes a framework for quantifying security of component services and their compositions based on the concept of attack surfaces to help compose and provide the most trustworthy composite services. The framework allows composite service providers to address multifaceted security issues in composite services and measure improvements resulting from changes to component configurations, application of business process security extensions or other actions.
- Is Part Of:
- International journal of autonomous and adaptive communications systems. Volume 10:Number 1(2017)
- Journal:
- International journal of autonomous and adaptive communications systems
- Issue:
- Volume 10:Number 1(2017)
- Issue Display:
- Volume 10, Issue 1 (2017)
- Year:
- 2017
- Volume:
- 10
- Issue:
- 1
- Issue Sort Value:
- 2017-0010-0001-0000
- Page Start:
- 88
- Page End:
- 113
- Publication Date:
- 2017
- Subjects:
- composite services -- security metrics -- security attributes -- attack surfaces -- trustworthiness -- component services -- business process -- service selection -- service composition -- exploitability -- vulnerability -- service-oriented computing -- service security -- component configurations -- business process security
Adaptive computing systems -- Periodicals
Wireless communication systems -- Periodicals
Computer networks -- Periodicals
004.6 - Journal URLs:
- http://inderscience.metapress.com/content/121122 ↗
http://www.inderscience.com/ ↗ - Languages:
- English
- ISSNs:
- 1754-8632
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 8083.xml