Skip to Main Content
Web service is a distributed computing model which has characteristics of loose coupling, self-description and strong self-government, how to evaluate the degree of Web service security is a challenging problem. On the basis of analyzing the threat which Web service facing, a security evaluation method based on STRIDE model for Web service is proposed. According to its own features of Web service and threat classification method of STRIDE model, this paper designed a WS-Security Evaluation Model, it's provide a valuable way to help user to create the threat modeling and evaluating the safety degree of Web service security. With the case study of SOA system in a certain enterprise, experimental results show that it provides a valuable reference to check out security vulnerabilities of Web service and optimize the system's security design.