Forensic capabilities for service-oriented architectures

This report describes a framework to provide on-line forensic capabilities to service oriented architecture via Forensic Web Services (FWS) and runtime execution monitoring. The FWS is a new type of web services to be used by other web services (of an independent agency) to securely maintain transactional records of interest between other web services. The framework uses runtime execution monitoring to search the transactional log for interesting (or suspicious) service invocation sequences to recreate non-repudiable evidence of transactional history for use in a court of law.Contract Number: N6600107WR00222Approved for public release; distribution is unlimited