Abstract | ||
---|---|---|
Web services security requirements and capabilities are described in security policies. To enable the seamless interoperation between services, security policy intersection aims to provide a security policy that will satisfy both the service provider and consumer. Not only are there numerous problems with this approach, but is it also difficult for administrators to evaluate the resultant security level supported by such a policy. In contrast to this approach, security policy trade-off analysis can allow parties to make compromises to accommodate each other, while still achieving a satisfactory security level. This paper focuses on modeling the decisions and compromises to be made by web services providers or consumers to be able to interact with each other securely. The security policy support system built to model this problem employs domain vocabularies, fuzzy techniques and domain-specific preferences. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1109/ARES.2011.80 | ARES |
Keywords | Field | DocType |
resultant security level,assertion trade-offs,satisfactory security level,web services security requirement,web services provider,security policy support system,security policy,security policy trade-off analysis,security policy intersection,web services security policy,domain-specific preference,domain vocabulary,measurement,algorithm design and analysis,algorithm design,encryption,web services,ws policy,web service,service provider,fuzzy cognitive map,authentication,satisfiability | Security convergence,Security through obscurity,Network security policy,Computer security,Computer science,Security service,Cloud computing security,Web application security,Security information and event management,Computer security model | Conference |
Citations | PageRank | References |
0 | 0.34 | 10 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Tristan Lavarack | 1 | 4 | 1.25 |
Marijke Coetzee | 2 | 35 | 14.10 |