A SLA evaluation methodology in Service Oriented Architectures

  • Conference paper
Quality of Protection

Part of the book series: Advances in Information Security (ADIS, volume 23)

Abstract

Cooperative services in Service Oriented Architectures (SOA) interact and delegate jobs to each other; when they have to respect a Service Level Agreement (SLA), they need to manage it explicitly amongst each other. SLAs and, above all, security SLAs are usually expressed in ambiguous ways, which implies that they need to be manually evaluated both in a mutual agreement to "qualify a service" and in the monitoring process. Because of this approach, service composition usually cannot be performed dynamically. In this paper we introduce a methodology which helps in the automatic evaluation and comparison of security SLAs. The methodology is founded on the adoption of policies for both service behavior and SLA description, and on the definition of a metric function for the evaluation and comparison of policies. We will illustrate the applicability of the proposed methodology in different contexts of great interest for e-government projects.



Copyright information

© 2006 Springer Science+Business Media, LLC.

About this paper

Cite this paper

Casola, V., Mazzeo, A., Mazzocca, N., Rak, M. (2006). A SLA evaluation methodology in Service Oriented Architectures. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds) Quality of Protection. Advances in Information Security, vol 23. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-36584-8_10

  • DOI: https://doi.org/10.1007/978-0-387-36584-8_10

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-29016-4

  • Online ISBN: 978-0-387-36584-8

  • eBook Packages: Computer Science, Computer Science (R0)
