Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Ontology-Based Security Specification Tools for SOA

Ontology-Based Security Specification Tools for SOA
View Free PDF
Author(s): Myong Kang (Naval Research Laboratory, USA), Anya Kim (Naval Research Laboratory, USA), Jim Lo (Naval Research Laboratory, USA), Bruce Montrose (Naval Research Laboratory, USA) and Amit Khashnobish (Naval Research Laboratory, USA)
Copyright: 2006
Pages: 4
Source title: Emerging Trends and Challenges in Information Technology Management
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59904-019-6.ch166
ISBN13: 9781616921286
EISBN13: 9781466665361


Service Oriented Architecture (SOA) is an emerging paradigm for distributed computing. Web services and SOA aim to provide unobtrusive access to resources and data. However, risks and threats on the Internet compel us to protect and limit access to these same resources through security policies and mechanisms. Therefore, the success of SOA relies heavily on the ability to communicate the relevant security information required to access these resources in a machine- understandable manner. In this paper, we introduce a set of (prototype) tools that enable the specification of ontology-based security information for each layer of the SOA. They build upon existing technology standards and enable dynamic discovery of Web services. Every well-thought out security requirement has some reasons/justifications behind it. However, oftentimes the justification or context is not well documented or disconnected from the requirement. Our tools will present an application- centric view of the SOA and capture the context information from which security requirements are derived.

Body Bottom