Security framework for dynamic service-oriented IT systems

Figures & data

Figure 1. SOA layered architecture.

Table 1. The security evaluation requirements for each of the SOA functional layers (selection) (Kołaczek, 2013).

SOA layer	Evaluate/verify/test
Business processes	policy consistency, policy completeness, trust management, identity management, integrity of business process,
Composite service	identification of the services, authentication of the services, management of security of the composite services,
Atomic service	description completeness, availability, protection from attacks,
Communication	confidentiality of data transferred, authentication, norms compliance,
Computation	availability of computational resources, protection from attacks, integrity of data processed.

Figure 2. Architecture of multi-agent system for evaluation of the security level in service-oriented systems.

Figure 3. The opinion triangle (Josang, 1999).

Figure 4. Structure of the composite services. (a) ring, (b) ring + additional connection, (c) ring + two additional connections and (d) random connections.

Table 2. Moran-I test results for examined topologies.

	Network topology
	Ring	Ring + 1 link	Ring + 2 links	Random
Moran I statistic	0.621917	0.705009	0.266890	−0.06560
p-value	0.000787	9.222e–05	0.05888	0.6412
Expectation	−0.052631	−0.052631	−0.052631	−0.03448
Variance	0.045547	0.041050	0.041725	0.018990

Table 3. Local Moran-I test results summary.

	Network topology
	Ring	Ring + 1 link	Ring + 2 links	Random
Median(Ii)	0.26489	0.4809227	0.19972	−0.05212
Mean(Ii)	0.62192	0.7050096	0.26689	−0.06561
Mean(Pr(z > 0))	2.870e–01	2.276e–01	0.33687	0.5209676

Figure 5. Correlation of spatial data communication traffic generated for the four selected structures of complex service. (a) ring network correlogram, (b) ring +1 network correlogram, (c) ring +2 network correlogram and (d) random network correlogram.

Kołaczek, G. (2013). Multi-agent platform for security level evaluation of information and communication services. In Advanced Methods for Computational Collective Intelligence (pp. 107–116). Springer Berlin Heidelberg.

 Google Scholar

Josang, A. (1999). Trust-based decision making for electronic transactions. Proceedings of the Fourth Nordic Workshop on Secure … . Retrieved from http://folk.uio.no/josang/papers/Jos1999-NordSec.pdfTrust-based decision making for electronic transactions. Proceedings of the Fourth Nordic Workshop on Secure

 Google Scholar