Information Security and Digital Forensics. First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers

Research Article

Cross-Enterprise Policy Model for e-Business Web Services Security

Download
366 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-11530-1_18,
        author={Tanko Ishaya and Jason Nurse},
        title={Cross-Enterprise Policy Model for e-Business Web Services Security},
        proceedings={Information Security and Digital Forensics. First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers},
        proceedings_a={ISDF},
        year={2012},
        month={5},
        keywords={security security policies security model web Services cross-enterprise e-Business web-based applications},
        doi={10.1007/978-3-642-11530-1_18}
    }
    
  • Tanko Ishaya
    Jason Nurse
    Year: 2012
    Cross-Enterprise Policy Model for e-Business Web Services Security
    ISDF
    Springer
    DOI: 10.1007/978-3-642-11530-1_18
Tanko Ishaya1,*, Jason Nurse2,*
  • 1: The University of Hull
  • 2: University of Warwick
*Contact email: T.Ishaya@hull.ac.uk, jnurse@dcs.warwick.ac.uk

Abstract

Contemporary e-Business applications comprise of dynamic extensible and interoperable collection of services, Web Services and information shared by collaborating entities performing various transactional tasks. Securing these services offerings is therefore of crucial importance. To address security requirements, there has been a plethora of proposed solutions, ranging from hardware devices and security specifications to software applications. Most of these security solutions are largely technology focused with little or no evaluation and integration of policies and procedures of these collaborating entities. This research investigates the use of an approach that integrates documented cross-enterprise policies with current security technology, to enhance the overall security requirements of businesses that decide to use web services. A policy model for enhancing web services security is developed evaluated and presented.