Abstract
Service-oriented Architectures (SOA) are a powerful paradigm to address integration challenges for information technology systems in enterprises. The service-based integration of legacy systems and business partner systems makes it necessary to introduce and adapt suitable SOA security measures in order to secure the enterprise both within and for cross-organizational collaboration. While there is an active research community for SOA security, standard literature on the topic has not yet identified the influence of the SOA paradigm on security aspects in a structured manner, especially in an enterprise context. In our paper, we work towards this goal by identifying the main elements of cross-organizational SOA in the form of a conceptual model and by discussing these elements regarding their impact on security issues. Based on this, research challenges for SOA security are defined and structured.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Miede, A., Nedyalkov, N., Schuller, D., Repp, N., Steinmetz, R. (2010). Cross-Organizational Security – The Service-Oriented Difference. In: Dan, A., Gittler, F., Toumani, F. (eds) Service-Oriented Computing. ICSOC/ServiceWave 2009 Workshops. ServiceWave ICSOC 2009 2009. Lecture Notes in Computer Science, vol 6275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16132-2_7
DOI: https://doi.org/10.1007/978-3-642-16132-2_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16131-5
Online ISBN: 978-3-642-16132-2
eBook Packages: Computer Science, Computer Science (R0)