Abstract
Service-Oriented Architecture is a new paradigm in Software computing that focused on web-based Service-Oriented computing. This paradigm based on client services architecture and involves communication among three different entities: Service Provider, Service Consumer and Service Broker or Registry. These three entities are loosely coupled. Security is an important aspect for any application. In SOA, managing and organizing security is a challenging issue, because services are deployed in distributed environment. In SOA, security is defined in terms of services which are secure service registration and deregistration, secure service discovery, secure service delivery and availability of trustworthy services. This paper proposed a Kerberos based security framework that fulfills the security requirement needed for secure SOA. The implementation of the proposed security framework is also provided.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Jousttis, N.: SOA in Practice, the Art of Distributed System Design. O’Reilly Media Inc, Sebastopol (2007)
Wiebelhaus, S., et al.: Service orientation concepts and definitions. In: Workshop on Introducing Service-Oriented Computing, Tempe, September 2006
Earl, T.: Service-Oriented Architecture: Concepts, Technology & Design. Prentice Hall/Pearson PT, Upper Saddle River (2005)
Alagappan, D., et al.: Security in service-oriented architecture: a survey of techniques. In: Workshop on Introducing Service-Oriented Computing, Tempe, September 2006
Ponnusamy, R., et al.: Security issues in service-oriented architecture. In: Workshop on Introducing Service-Oriented Computing, Tempe, September 2006
Cotroneo, D., et al.: Security requirements in service-oriented architectures for ubiquitous computing. In: Middleware for Pervasive and Ad-hoc Computing. ACM (2004)
Catharina, C.: A security framework for service-oriented architectures. In: MILCOM 2007 (2007)
Pajevski, M.: A Security Model for Service-Oriented Architectures (2005). NASA Website. http://www.oasisopen.org/committees/download.php/17573/06-0400008.000.pdf
Buecker, A., et al.: Understanding SOA Security. IBM Publication, Indianapolis (2007)
Nagaratnam, N., et al.: SOA Security Reference Model. STSC Cross Talk (2007)
Youmans, J.: Methods of SOA Security Engineering and Certification. Concurrent Technologies Corporation Website (2009)
Menezes, J., et al.: Handbook of Applied Cryptography, 5th edn. CRC Press, Boca Raton (2001)
Cisco Systems. Kerberos Overview on Service for Open Network System. http://www.cisco.com/en/US/tech/tk59/technologieswhitepaper09186a00800941b2.shtml
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_5
Sun, J., et al.: Intelligent enterprise information security architecture based on service oriented. In: International Seminar on Future IT and Management Engineering. IEEE (2008)
Menzel, M., et al.: Security requirements specification in service oriented business process management. In: International Conference on Availability, Reliability and Security (2009)
Tang, J., et al.: A classification of enterprise service-oriented architecture. In: Fifth IEEE International Symposium on Service Oriented System Engineering (2010)
Karimi, O.: Security model for service-oriented architecture. ACIJ 2(4), 48–58 (2011)
Huang, M., et al.: Research for E-commerce platform security framework based on SOA. In: Proceedings of the 4th International Conference on BMEI China, pp. 2171–2174, October 2011
Duggan, D., et al.: Service-oriented architecture. Enterprise Software Architecture and Design: Entities, Services, and Resources, pp. 207–358 (2012)
Ashish, L., et al.: Designing a logical security framework for e-commerce system based on SOA. Int. J. Soft Comput. (IJSC) 5(2), 1 (2014)
Shashwat, A., et al.: An end to end security framework for service oriented architecture. In: International Conference on Infocom Technologies and Unmanned Systems (ICTUS), Dubai, pp. 475–480 (2017)
McKee, D.W., et al.: n-Dimensional QoS framework for real-time service-oriented architectures. In: International Conference on Internet of Things and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 195–202 (2017)
Srinivasulu, P., et al.: Cloud service oriented architecture (CSoA) for agriculture through internet of things (IoT) and big data. In: International Conference on Electrical, Instrumentation and Communication Engineering (ICEICE), Karur, pp. 1–6 (2017)
Acknowledgements
This work is financially supported by Technical Education Quality Improvement Programme (TEQIP-III).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yaduvanshi, R., Mishra, S., Mishra, A.K., Gupta, A. (2019). A Security Framework for Service-Oriented Architecture Based on Kerberos. In: Mandal, J., Mukhopadhyay, S., Dutta, P., Dasgupta, K. (eds) Computational Intelligence, Communications, and Business Analytics. CICBA 2018. Communications in Computer and Information Science, vol 1031. Springer, Singapore. https://doi.org/10.1007/978-981-13-8581-0_32
Download citation
DOI: https://doi.org/10.1007/978-981-13-8581-0_32
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-8580-3
Online ISBN: 978-981-13-8581-0
eBook Packages: Computer ScienceComputer Science (R0)