Service-oriented architectures (SOAs) with web services have become commonplace in business and government application development. One reason that web services should facilitate application implementation and deployment is their use of standards to provide clear descriptions of service expectations. However, when reliance on these standards is mandatory, such as in the case of guaranteeing the SOA meets specific security and information assurance constraints, design and development difficulties arise due to the magnitude of standards available, their cross referencing, and dependencies. This paper introduces a framework to provide the foundation for a security meta-language (SML) that models the security relevant portions of the standards for their consistent, comprehensive, and correct application. The goal of the framework is for security constraints and the SOA application domain to filter the model entities for the SML to define the proper message structure and content that each service in the SOA must have.
[1]
David Carlson,et al.
Modeling XML Applications with UML: Practical e-Business Applications
,
2001
.
[2]
Bhavani M. Thuraisingham,et al.
Security standards for the semantic web
,
2005,
Comput. Stand. Interfaces.
[3]
Fred L. Kitchens,et al.
Web Services Architecture for M-Learning.
,
2004
.
[4]
David M. Booth,et al.
Web Services Architecture
,
2004
.
[5]
Bernhard Bauer,et al.
Creating a Meta-Model for Semantic Web Service Standards
,
2007,
WEBIST.
[6]
Rose F. Gamble,et al.
Security Controls Applied to Web Service Architectures
,
2010,
SEDE.