Managing end-to-end security risks with fuzzy logic in service-oriented architectures

Youakim Badr; Soumya Banerjee

doi:10.1109/SERVICES.2013.28

Managing end-to-end security risks with fuzzy logic in service-oriented architectures

Youakim Badr, Soumya Banerjee

Engineering Division (Great Valley)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Scopus citations

Abstract

Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.

Original language	English (US)
Title of host publication	Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013
Pages	111-117
Number of pages	7
DOIs	https://doi.org/10.1109/SERVICES.2013.28
State	Published - 2013
Event	2013 IEEE 9th World Congress on Services, SERVICES 2013 - Santa Clara, CA, United States Duration: Jun 27 2013 → Jul 2 2013

Publication series

Name	Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013

Other

Other	2013 IEEE 9th World Congress on Services, SERVICES 2013
Country/Territory	United States
City	Santa Clara, CA
Period	6/27/13 → 7/2/13

All Science Journal Classification (ASJC) codes

Electrical and Electronic Engineering

Access to Document

10.1109/SERVICES.2013.28

Cite this

@inproceedings{c58cf8daacb84d55a5046471a1195254,

title = "Managing end-to-end security risks with fuzzy logic in service-oriented architectures",

abstract = "Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.",

author = "Youakim Badr and Soumya Banerjee",

year = "2013",

doi = "10.1109/SERVICES.2013.28",

language = "English (US)",

isbn = "9780768550244",

series = "Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013",

pages = "111--117",

booktitle = "Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013",

note = "2013 IEEE 9th World Congress on Services, SERVICES 2013 ; Conference date: 27-06-2013 Through 02-07-2013",

}

Badr, Y & Banerjee, S 2013, Managing end-to-end security risks with fuzzy logic in service-oriented architectures. in Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013., 6655683, Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013, pp. 111-117, 2013 IEEE 9th World Congress on Services, SERVICES 2013, Santa Clara, CA, United States, 6/27/13. https://doi.org/10.1109/SERVICES.2013.28

Managing end-to-end security risks with fuzzy logic in service-oriented architectures. / Badr, Youakim; Banerjee, Soumya.
Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013. 2013. p. 111-117 6655683 (Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Managing end-to-end security risks with fuzzy logic in service-oriented architectures

AU - Badr, Youakim

AU - Banerjee, Soumya

PY - 2013

Y1 - 2013

N2 - Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.

AB - Service-oriented architectures are increasingly deployed in open, distributed and dynamic environments, which require an end-to-end security awareness security at each phase of the service's lifecycle. Moreover, the security should not only focus on services without considering the risks and threats that might be caused by elements from business activities or underlying hardware and software infrastructure. In this paper, we adopt a holistic approach to define a security conceptual model that covers all elements at the business, service and infrastructure levels and guides each phase in a typical design method for service-oriented architectures. Since the information security is subject to uncertain and unforeseen threats, we propose a fuzzy logic decision system that helps identify security risks based on the security conceptual model and select appropriate security measures based on security objectives.

UR - http://www.scopus.com/inward/record.url?scp=84888037137&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84888037137&partnerID=8YFLogxK

U2 - 10.1109/SERVICES.2013.28

DO - 10.1109/SERVICES.2013.28

M3 - Conference contribution

AN - SCOPUS:84888037137

SN - 9780768550244

T3 - Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013

SP - 111

EP - 117

BT - Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013

T2 - 2013 IEEE 9th World Congress on Services, SERVICES 2013

Y2 - 27 June 2013 through 2 July 2013

ER -

Managing end-to-end security risks with fuzzy logic in service-oriented architectures

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this