A business-oriented framework for enhancing web services security for e-business
- Publication date
- Publisher
Abstract
Security within the Web services technology field is a complex and very
topical issue. When considering using this technology suite to support interacting
e-businesses, literature has shown that the challenge of achieving security
becomes even more elusive. This is particularly true with regard to attaining a
level of security beyond just applying technologies, that is trusted, endorsed and
practiced by all parties involved. Attempting to address these problems, this research
proposes BOF4WSS, a Business-Oriented Framework for enhancing Web
Services Security in e-business. The novelty and importance of BOF4WSS is its
emphasis on a tool-supported development methodology, in which collaborating
e-businesses could achieve an enhanced and more comprehensive security and
trust solution for their services interactions.
This investigation began with an in-depth assessment of the literature in
Web services, e-business, and their security. The outstanding issues identified
paved the way for the creation of BOF4WSS. With appreciation of research limitations
and the added value of framework tool-support, emphasis was then shifted
to the provision of a novel solution model and tool to aid companies in the use and
application of BOF4WSS. This support was targeted at significantly easing the
difficulties incurred by businesses in transitioning between two crucial framework
phases.
To evaluate BOF4WSS and its supporting model and tool, a two-step
approach was adopted. First, the solution model and tool were tested for compatibility
with existing security approaches which they would need to work with
in real-world scenarios. Second, the framework and tool were evaluated using interviews
with industry-based security professionals who are experts in this field.
The results of both these evaluations indicated a noteworthy degree of evidence
to affirm the suitability and strength of the framework, model and tool. Additionally,
these results also act to cement this thesis' proposals as innovative and
significant contributions to the research field