By Topic

A Security Evaluation Method Based on STRIDE Model for Web Service

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Li Jiang ; Software Sch., Hunan Univ., Changsha, China ; Hao Chen ; Fei Deng

Web service is a distributed computing model which has characteristics of loose coupling, self-description and strong self-government, how to evaluate the degree of Web service security is a challenging problem. On the basis of analyzing the threat which Web service facing, a security evaluation method based on STRIDE model for Web service is proposed. According to its own features of Web service and threat classification method of STRIDE model, this paper designed a WS-Security Evaluation Model, it's provide a valuable way to help user to create the threat modeling and evaluating the safety degree of Web service security. With the case study of SOA system in a certain enterprise, experimental results show that it provides a valuable reference to check out security vulnerabilities of Web service and optimize the system's security design.

Published in:

Intelligent Systems and Applications (ISA), 2010 2nd International Workshop on

Date of Conference:

22-23 May 2010