2013 | OriginalPaper | Buchkapitel
Improving Security Assurance of Services through Certificate Profiles
verfasst von : Marioli Montenegro, Antonio Maña, Hristo Koshutanski
Erschienen in: Advances in Service-Oriented and Cloud Computing
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Cloud and Web Services technologies offer a powerful cost-effective and fast growing approach to the provision of infrastructure, platform and software as services. However, these technologies still raise significant concerns regarding security assurance and compliance of data and software services offered. A new trend of a service security certification has been recently proposed to overcome the limitations of existing security certificates by representing security certification in a structured, machine-processable manner that will enable automated reasoning for certified security features in security-critical domains. However, the richness and flexibility of the underlying certificate models and languages comes with the price of increased
complexity
in processing and comparing those certificates and related security claims in practice. In this paper, we propose the concept of
certificate profile
to provide a mechanism to address processability and interoperability of service security certificates. We present a conceptual model and a concrete realization of the model within the context of the European project ASSERT4SOA.