1 research outputs found
Behavior-aware Service Access Control Mechanism using Security Policy Monitoring for SOA Systems
Service-oriented architecture (SOA) system has been widely utilized at many
present business areas. However, SOA system is loosely coupled with multiple
services and lacks the relevant security protection mechanisms, thus it can
easily be attacked by unauthorized access and information theft. The existed
access control mechanism can only prevent unauthorized users from accessing the
system, but they can not prevent those authorized users (insiders) from
attacking the system. To address this problem, we propose a behavior-aware
service access control mechanism using security policy monitoring for SOA
system. In our mechanism, a monitor program can supervise consumer's behaviors
in run time. By means of trustful behavior model (TBM), if finding the
consumer's behavior is of misusing, the monitor will deny its request. If
finding the consumer's behavior is of malicious, the monitor will early
terminate the consumer's access authorizations in this session or add the
consumer into the Blacklist, whereby the consumer will not access the system
from then on. In order to evaluate the feasibility of proposed mechanism, we
implement a prototype system. The final results illustrate that our mechanism
can effectively monitor consumer's behaviors and make effective responses when
malicious behaviors really occur in run time. Moreover, as increasing the
rule's number in TBM continuously, our mechanism can still work well