A New Architecture for Intrusion-Tolerant Web Services Based on Design Diversity Techniques
سال انتشار: 1394
نوع سند: مقاله ژورنالی
زبان: انگلیسی
مشاهده: 377
فایل این مقاله در 10 صفحه با فرمت PDF قابل دریافت می باشد
- صدور گواهی نمایه سازی
- من نویسنده این مقاله هستم
استخراج به نرم افزارهای پژوهشی:
شناسه ملی سند علمی:
JR_JIST-3-4_001
تاریخ نمایه سازی: 9 اسفند 1395
چکیده مقاله:
Web services are the realization of service-oriented architecture (SOA). Security is an important challenge of Web services. So far, several security techniques and standards based on traditional security mechanisms (i.e., encryption and digital signature) have been proposed to enhance the security of Web services. The aim of this work has been to propose an approach for securing Web services by employing the concepts and techniques of software fault tolerance (such as design diversity), which is called intrusion tolerance. Intrusion tolerance means the continuous delivery of services in presence of security attacks, which can be used as a fundamental approach for enhancing the security of Web services. In this paper, we propose an architecture for intrusion-tolerant Web services (ITWSs) by using both design diversity and composite Web services techniques. The proposed architecture is called design-diverse intrusion-tolerant Web service (abbreviated as DDITWS). For Web service composition, BPEL4WS is used. For modeling and verification of the proposed architecture, coloured Petri nets (CPNs) and the CPN Tools are used. We have model-checked the behavioral properties of the architecture to ensure its correctness using this tool. The reliability and security evaluation of the architecture is also performed using a stochastic Petri net (SPN) model and the SHARPE modeling tool. The results show that the reliability and mean-time-to-security-failure (MTTSF) in the proposed architecture are improved.
کلیدواژه ها:
نویسندگان
Sadegh Bejani
Department of Information and Communication Technology, Imam Hossein University, Tehran, Iran
Mohammad Abdollahi Azgomi
Department of Computer Engineering, Iran University of Science and Technology, Tehran, Iran