By Topic

Web Service-Based Business Process Development, Threat Modeling and Security Assessment Tool

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Jianxin Li ; Beihang Univ., Beihang ; Sommestad, T. ; Hung, P.C.K. ; Xiang Li

A business process is a collection of related structures and activities, undertaken by organizations in order to achieve certain business goals. The Web services-based business processes with a new set of protocols bring a new set of security challenges. As security has become an essential component for all software, several security solutions for XML and Web services have been proposed. In general, a security threat model is an organized representation of relevant threats, attacks, and vulnerabilities to a system. In this context, security threat modeling is an engineering technique which can be used to shape the Web service-based business processes with security requirements. The topic of security threat modeling in business process is becoming increasingly important to industry. This tutorial strives to reflect recent trends in research and developments of business processes integration and management with security concerns. In addition this tutorial will cover the fundamental concepts of security threat modeling from the perspectives of Web service-based business process. This tutorial will also address the common practices and related tools/procedures for addressing the security vulnerabilities, especially in XML attacks. A research prototype of security assessment will also be presented and demonstrated in the tutorial.

Published in:

Congress on Services Part II, 2008. SERVICES-2. IEEE

Date of Conference:

23-26 Sept. 2008