Home Publications

A Low-Cost Security Certification Scheme for Evolving Services

Research Area: Uncategorized Year: 2012
Type of Publication: In Proceedings Keywords: Certification, security, SOA
  • Anisetti, M.
  • Ardagna, C. A.
  • Damiani, E.
Book title: in Proc. of the 19th IEEE International Conference on Web Services (ICWS 2012)
Security certification schemes for Service-Oriented Architecture~(SOA) extend service specifications with the evidence that a service supports a set of security properties and provides a given level of assurance. However, services are subject to continuous refinements, and uncontrolled changes can easily invalidate existing certification results and require re-certification from scratch, with high costs and overheads on service providers. In this paper, we present an approach to manage the impact of service evolution on security certification. Our approach aims to support the incremental certification of evolving services and re-use, as much as possible, the certification evidence available from older certificates in the release of a new certificate.
[ Back ]
template joomla