Abstract
Contemporary e-Business applications comprise of dynamic extensible and interoperable collection of services, Web Services and information shared by collaborating entities performing various transactional tasks. Securing these services offerings is therefore of crucial importance. To address security requirements, there has been a plethora of proposed solutions, ranging from hardware devices and security specifications to software applications. Most of these security solutions are largely technology focused with little or no evaluation and integration of policies and procedures of these collaborating entities. This research investigates the use of an approach that integrates documented cross-enterprise policies with current security technology, to enhance the overall security requirements of businesses that decide to use web services. A policy model for enhancing web services security is developed evaluated and presented.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bebawy, R., et al.: Nedgty: Web services Firewall. In: IEEE International Conference on Web Services, ICWS 2005 (2005)
Boncella, R.: Web Services for E-Commerce. Communications of the Association for Information Systems 4(11), 4–14 (2000)
Boncella, R.J.: Web Services and Web Services Security. Communications of the Association for Information Systems 6(14), 344–363 (2000)
Cavanaugh, E.: Web services: Benefits, challenges, and a unique, visual development solution, http://www.altova.com/whitepapers/webservices.pdf (accessed 3 June 2006)
Chaffey, D.: E-Business and E-Commerce Management, 2nd edn. Pearson Education Limited, Essex (2004)
Chatterjee, S., Webber, J.: Developing Enterprise Web Services: An Architect’s Guide. Prentice Hall PTR, New Jersey (2004)
Davidson, M.A.: Security for eBusiness. Information Security Technical Report 6(2), 80–94 (2001)
Krawczyk, K., Weilgus, M.: Security of Web Services. In: International Conference on Dependability of Computer Systems (DEPCOS-RELCOMEX 2006), pp. 183–190 (2006)
Laudon, K.C., Traver, C.G.: E-commerce: business, technology, society, 2nd edn. Addison Wesley, Boston (2004)
Nakaruma, Y., Tatsubori, M., Imamura, T., Ono, K.: Model-driven based security based on web services security architecture. In: IEEE International Conference on Services Computing (SCC 2005). IEEE Computer Society, Orlando (2005)
Papazoglou, M.P., Ribbers, P.M.: e-Business: Organizational and Technical Foundations. John Wiley & Sons Ltd., West Sussex (2006)
Pulier, E., Taylor, H.: Understanding Enterprise SOA. Manning Publications, California (2005)
Rowan, L.: Security in a Web Services World in Network Security, June 2005, vol. 2005(6) (2005)
Steel, C., Nagappan, R., Lai, R.: Core Security Patterns. Prentice Hall PTR, Englewood Cliffs (2005)
Young, K.: UK firms surf the e-business wave (2005), http://www.itweek.co.uk/vnunet/news/2144211/uk-business-internet-soaring (accessed 29 May 2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Ishaya, T., Nurse, J.R.C. (2010). Cross-Enterprise Policy Model for e-Business Web Services Security. In: Weerasinghe, D. (eds) Information Security and Digital Forensics. ISDF 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 41. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11530-1_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-11530-1_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11529-5
Online ISBN: 978-3-642-11530-1
eBook Packages: Computer ScienceComputer Science (R0)