A New Architecture for Intrusion-Tolerant Web Services Based on Design Diversity Techniques

Journal Title: Journal of Information Systems and Telecommunication - Year 2015, Vol 3, Issue 4

Abstract

Web services are the realization of service-oriented architecture (SOA). Security is an important challenge of SOAP-based Web services. So far, several security techniques and standards based on traditional security mechanisms, such as encryption and digital signature, have been proposed to enhance the security of Web services. The aim has been to employ the concepts and techniques of fault-tolerant computing to make Web services more secure, which is called intrusion-tolerance. Intrusion-tolerance means the continuous delivery of services in presence of security attacks, which can be used as a fundamental approach for enhancing the security of Web services. In this paper, we propose a novel architecture for intrusion-tolerant Web services with emphasis on intrusion-tolerance concepts and composite Web service techniques. The proposed architecture, which is called design-diverse intrusion-tolerant Web service (DDITWS), takes the advantages of design diversity techniques. For Web service composition, BPEL4WS is used. Formal modeling and verification of the proposed architecture is performed using colored Petri nets (CPNs) and CPN Tools. We have checked the behavioral properties of the model to ensure its correctness. The reliability and security evaluation of the proposed architecture is also performed using a stochastic Petri net (SPN) model and the SHARPE tool. The results show that the reliability and mean-time-to-security-failure (MTTSF) in the proposed architecture are improved.

Authors and Affiliations

Sadegh Bejani, Mohammad Abdollahi Azgomi

Keywords

Related Articles

Assessment of Performance Improvement in Hyperspectral Image Classification Based on Adaptive Expansion of Training Samples

High dimensional images in remote sensing applications allow us to analysis the surface of the earth with more details. A relevant problem for supervised classification of hyperspectral image is the limited availability...

COGNISON: A Novel Dynamic Community Detection Algorithm in Social Network

The problem of community detection has a long tradition in data mining area and has many challenging facet, especially when it comes to community detection in time-varying context. While recent studies argue the usabilit...

EBG Structures Properties and their Application to Improve Radiation of a Low Profile Antenna

In this paper we have studied the characteristics of mushroom-like Electromagnetic Band Gap (EBG) structure and performance of a low profile antenna over it. Afterward, a novel EBG surface is presented by some modificati...

A New Switched-beam Setup for Adaptive Antenna Array Beamforming

In this paper, a new spatio-temporal based approach is proposed which improves the speed and performance of temporal-based algorithms, conventional Least Mean Square (LMS), Normalized LMS (NLMS) and Variable Step-size LM...

A Robust Data Envelopment Analysis Method for Business and IT Alignment of Enterprise Architecture Scenarios

Information Technology is recognized as a competitive enabler in today’s dynamic business environment. Therefore, alliance of business and Information Technology process is critical, which is mostly emphasized in Informa...

Download PDF file
  • EP ID EP184622
  • DOI 10.7508/jist.2015.04.005
  • Views 135
  • Downloads 0

How To Cite

Sadegh Bejani, Mohammad Abdollahi Azgomi (2015). A New Architecture for Intrusion-Tolerant Web Services Based on Design Diversity Techniques. Journal of Information Systems and Telecommunication, 3(4), 238-247. https://europub.co.uk./articles/-A-184622