Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008) (2008)
Waikoloa, Big Island, Hawaii
Jan. 7, 2008 to Jan. 10, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2008.64
This study proposes a new operational framework of a network administrator for Service Oriented Architecture (SOA) network security. It seeks to characterize the current state of practices in SOA network security by gathering information regarding known threats and defenses for SOA deployments. It works towards the practical implementation of SOA designs by creating training and testing scenarios for those preparing to work in this area. Finally, it frames these and other SOA security efforts with respect to a classic theoretical model of information security. The resulting synthesis includes recommendations on how best to process the XML network traffic typical of SOA applications. The proposed approach is Filtering to Inspect XML (FIX) at the network's perimeter. This framework contributes to the understanding of secure SOA designs by clarifying the responsibilities of both network managers and software engineers in orchestrating XML-based services.
B. Endicott-Popovsky, D. McLane, R. Bunge and S. Chung, "An Operational Framework for Service Oriented Architecture Network Security," Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008)(HICSS), Waikoloa, Big Island, Hawaii, 2008, pp. 312.