Universiti Teknologi Malaysia Institutional Repository

Designing a logical security framework for enterprise service oriented architecture (ESOA)

Kalantari, Alaeddin (2009) Designing a logical security framework for enterprise service oriented architecture (ESOA). Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System.

[img] PDF
Restricted to Repository staff only

[img] PDF
[img] PDF
[img] PDF


Enterprise Service Oriented Architecture (ESOA) is an appropriate strategy to provide an integrated, flexible, adaptable, and cost efficient enterprise Service-based that derives from various set of Web Services combined with business logic to support a particular business process. Despite the benefit of SOA, integration of application makes security design more complex. It brings several security problems. There is no comprehensive security framework for helping developers to design an adequate security solution. In order to alleviate these problems, some additional nonfunctional security requirements are needed. This project aims to analyze the security requirements raised by real world SOA in an enterprise and proposes a logical security framework to meet these needs. This framework can support all three security levels (content, communication, and network) of IT infrastructure. The proposed Security Service Oriented Reference Architecture (SSORA) shows which security service defined by the proposed security framework can be applied on each layer of Service Oriented Reference Architecture. In the real world, the location of each service is an important element of security design. In order to decrease the holes of the inner firewall, a Service Routing Coordinator (SRC) is located in the internal network. This service acts as an intermediary between the Web Services and the internal network servers. The proposed framework is applied on the logical SOA deployment architecture in order to design a security solution for an enterprise. Designing a security solution for Razavi Financial Institute (RFI) shows that proposed security framework can be applied for any SOA based environment.

Item Type:Thesis (Masters)
Additional Information:Thesis (Sarjana Sains Komputer (Keselamatan Maklumat)) - Universiti Teknologi Malaysia, 2009; Supervisor : Assoc. Prof. Dr. Zailani Mohamed Sidek
Uncontrolled Keywords:security framework, Enterprise Service Oriented Architecture (ESOA), web services, security design
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:9763
Deposited By: Ms Zalinda Shuratman
Deposited On:25 Mar 2010 04:30
Last Modified:06 Aug 2012 03:05

Repository Staff Only: item control page