A Framework for Developing Secure Application in Service – Oriented Architecture
Abstract
Service Oriented Architecture (SOA) is one of the most popular concepts to implement different systems. However it faces many challenges in terms of security. As a result, a number of standard and frame works are formed as supporters. The main purpose of this survey is to create a model for a secure Service-oriented Architecture (SOA) based on a formal model specified in the Alloy modeling language. The proposed model is based on the basic SOA as well as CIA and include secure identities, secure interaction, secure publish and secure discover. To validate that our model is secure, we created an Alloy model for security. We create predicates that model our security definitions and the obstacles which violate these security definitions. Then we use each security definition against the obstacle that violates it to define secure elements in our model.
Keywords
SOA; Confidentiality Integrity Availability (CIA); authentication; authorization; non-repudiation; alloy