Evolving Security Requirements in Multi-Layered Service-Oriented-Architectures

Abstract : Due to today's rapidly changing corporate environments, business processes are increasingly subject to dynamic configuration and evolution. The evolution of new deployment architectures, as illustrated by the move towards mobile platforms and the Internet Of Services, and the introduction of new security regulations (imposed by national and international regulatory bodies, such as SOX4 or BASEL5) are an im- portant constraint in the design and development of business processes. In such context, it is not sufficient to apply the corresponding adapta- tions only at the service orchestration or at the choreography level; there is also the need for controlling the impact of new security requirements to several architectural layers, specially in cloud computing, where the notion of Platforms as Services and Infrastructure as Services are fun- damental. In this paper we survey several research questions related to security cross-domain and cross-layer security functionality in Service Oriented Architectures, from an original point of view. We provide the first insights on how a general service model empowered with aspect oriented programming capabilities can provide clean modularization to such cross-cutting security concerns.
Type de document :
Communication dans un congrès
4th International Workshop on Autonomous and Spontaneous Security, Sep 2011, Leuven, Belgium. 2011
Liste complète des métadonnées

Contributeur : Mario Südholt <>
Soumis le : mardi 9 août 2011 - 20:30:04
Dernière modification le : mardi 4 décembre 2018 - 11:08:10


  • HAL Id : inria-00614163, version 1


Muhammed Sabir Idrees, Gabriel Serme, Yves Roudier, Anderson Santana de Oliveira, Hervé Grall, et al.. Evolving Security Requirements in Multi-Layered Service-Oriented-Architectures. 4th International Workshop on Autonomous and Spontaneous Security, Sep 2011, Leuven, Belgium. 2011. 〈inria-00614163〉



Consultations de la notice