A New Architecture for Intrusion-Tolerant Web Services Based on Design Diversity Techniques
Journal Title: Journal of Information Systems and Telecommunication - Year 2015, Vol 3, Issue 4
Abstract
Web services are the realization of service-oriented architecture (SOA). Security is an important challenge of SOAP-based Web services. So far, several security techniques and standards based on traditional security mechanisms, such as encryption and digital signature, have been proposed to enhance the security of Web services. The aim has been to employ the concepts and techniques of fault-tolerant computing to make Web services more secure, which is called intrusion-tolerance. Intrusion-tolerance means the continuous delivery of services in presence of security attacks, which can be used as a fundamental approach for enhancing the security of Web services. In this paper, we propose a novel architecture for intrusion-tolerant Web services with emphasis on intrusion-tolerance concepts and composite Web service techniques. The proposed architecture, which is called design-diverse intrusion-tolerant Web service (DDITWS), takes the advantages of design diversity techniques. For Web service composition, BPEL4WS is used. Formal modeling and verification of the proposed architecture is performed using colored Petri nets (CPNs) and CPN Tools. We have checked the behavioral properties of the model to ensure its correctness. The reliability and security evaluation of the proposed architecture is also performed using a stochastic Petri net (SPN) model and the SHARPE tool. The results show that the reliability and mean-time-to-security-failure (MTTSF) in the proposed architecture are improved.
Authors and Affiliations
Sadegh Bejani, Mohammad Abdollahi Azgomi
Keywords
Related Articles
- EP ID EP184622
- DOI 10.7508/jist.2015.04.005
- Views 146
- Downloads 0
Analysis of Imperfect Space Channel for the Next Generation Satellite Networks
An efficient space data management is imperative in guaranteeing the best performance with a fair distribution of next generation satellite networks. Therefore, one of the major challenges of implementing this kind of fu...
An Ultra-Wideband Common Gate LNA With Gm-Boosted And Noise Canceling Techniques
In this paper, an ultra-wideband (UWB) common gate low-noise amplifier (LNA) with gm-boosted and noise-cancelling techniques is presented. In this scheme we utilize gm-boosted stage for cancelling the noise of matching d...
Active Steganalysis of Transform Domain Steganography Based on Sparse Component Analysis
This paper presents a new active steganalysis method to break the transform domain steganography. Most of steganalysis techniques focus on detecting the presence or absence of a secret message in a cover (passive stegana...
Application of Curve Fitting in Hyperspectral Data Classification and Compression
Regarding to the high between-band correlation and large volumes of hyperspectral data, feature reduction (either feature selection or extraction) is an important part of classification process for this data type. A vari...
Assessment of Performance Improvement in Hyperspectral Image Classification Based on Adaptive Expansion of Training Samples
High dimensional images in remote sensing applications allow us to analysis the surface of the earth with more details. A relevant problem for supervised classification of hyperspectral image is the limited availability...