Utilizing a Service Oriented Architecture for Information Security Evaluation and Quantification

Abstract

The service oriented architecture provides an abstraction utility that is characterized to be autonomous, well defined, and self-contained. In this research we define the basic building blocks of a security reference model composed out of processes domain view, security requirements view, infrastructure management view, security assurance view, and survivability management view. We build a security attributes organizational model based on security processes states and security attributes requirements. We continue to dissect our proposed architecture based on the service oriented architecture reference model, and map the SOA dimensions into security requirements attributes.