A New Architecture for Intrusion-Tolerant Web Services Based on Design Diversity Techniques
Journal Title: Journal of Information Systems and Telecommunication - Year 2015, Vol 3, Issue 4
Abstract
Web services are the realization of service-oriented architecture (SOA). Security is an important challenge of SOAP-based Web services. So far, several security techniques and standards based on traditional security mechanisms, such as encryption and digital signature, have been proposed to enhance the security of Web services. The aim has been to employ the concepts and techniques of fault-tolerant computing to make Web services more secure, which is called intrusion-tolerance. Intrusion-tolerance means the continuous delivery of services in presence of security attacks, which can be used as a fundamental approach for enhancing the security of Web services. In this paper, we propose a novel architecture for intrusion-tolerant Web services with emphasis on intrusion-tolerance concepts and composite Web service techniques. The proposed architecture, which is called design-diverse intrusion-tolerant Web service (DDITWS), takes the advantages of design diversity techniques. For Web service composition, BPEL4WS is used. Formal modeling and verification of the proposed architecture is performed using colored Petri nets (CPNs) and CPN Tools. We have checked the behavioral properties of the model to ensure its correctness. The reliability and security evaluation of the proposed architecture is also performed using a stochastic Petri net (SPN) model and the SHARPE tool. The results show that the reliability and mean-time-to-security-failure (MTTSF) in the proposed architecture are improved.
Authors and Affiliations
Sadegh Bejani, Mohammad Abdollahi Azgomi
Keywords
Related Articles
- EP ID EP184622
- DOI 10.7508/jist.2015.04.005
- Views 127
- Downloads 0
High I/Q Imbalance Receiver Compensation and Decision Directed Frequency Selective Channel Estimation in an OFDM Receiver Employing Neural Network
The disparity introduced between In-phase and Quadrature components in a digital communication system receiver known as I/Q imbalance is a prime objective within the employment of direct conversion architectures. It redu...
A Conflict Resolution Approach using Prioritization Strategy
In current air traffic control system and especially in free flight method, the resolution of conflicts between different aircrafts is a critical problem. In recent years, conflict detection and resolution problem has be...
Cyclic Correlation-Based Cooperative Detection for OFDM-Based Primary Users
This paper develops a new robust cyclostationary detection technique for spectrum sensing of OFDM-based primary users (PUs). To do so, an asymptotically constant false alarm rate (CFAR) multi-cycle detector is proposed a...
Automatic Construction of Domain Ontology Using Wikipedia and Enhancing it by Google Search Engine
The foundation of the Semantic Web are ontologies. Ontologies play the main role in the exchange of information and development of the Lexical Web to the Semantic Web. Manual construction of ontologies is time-consuming,...
A New Recursive Algorithm for Universal Coding of Integers
In this paper, we aim to encode the set of all positive integers so that the codewords not only be uniquely decodable but also be an instantaneous set of binary sequences. Elias introduces three recursive algorithms for...