{"title":"通用操作环境的安全概念综述","authors":"J. Loyall, K. Rohloff, P. Pal, M. Atighetchi","doi":"10.1109/ISORCW.2011.31","DOIUrl":null,"url":null,"abstract":"As newer software engineering technologies, such as Service-Oriented Architecture (SOA), become the basis for mission-critical systems, they must include security as a foundational capability. This paper highlights security concepts relevant to using SOA as a foundation for a Common Operating Environment (COE), i.e., a set of infrastructure and common services for developing and executing applications across multiple platforms. We present and motivate security needs, tradeoffs, and solutions in the various layers of a SOA-based COE, including 1) the network, 2) computational platforms, and 3) the common software infrastructure consisting of a SOA stack, common services, and applications. We also discuss cross cutting aspects of security such as survivability, transparency, flexibility, specificity, reuse, and assurance. We then explore security standards and requirements for mission-critical systems developed on top of a SOA-based COE and security technologies that are candidates for satisfying the requirements. The paper closes with a set of recommendations and steps forward for both research into and implementation of security in a SOA-based COE.","PeriodicalId":126022,"journal":{"name":"2011 14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops","volume":"150 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A Survey of Security Concepts for Common Operating Environments\",\"authors\":\"J. Loyall, K. Rohloff, P. Pal, M. Atighetchi\",\"doi\":\"10.1109/ISORCW.2011.31\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As newer software engineering technologies, such as Service-Oriented Architecture (SOA), become the basis for mission-critical systems, they must include security as a foundational capability. This paper highlights security concepts relevant to using SOA as a foundation for a Common Operating Environment (COE), i.e., a set of infrastructure and common services for developing and executing applications across multiple platforms. We present and motivate security needs, tradeoffs, and solutions in the various layers of a SOA-based COE, including 1) the network, 2) computational platforms, and 3) the common software infrastructure consisting of a SOA stack, common services, and applications. We also discuss cross cutting aspects of security such as survivability, transparency, flexibility, specificity, reuse, and assurance. We then explore security standards and requirements for mission-critical systems developed on top of a SOA-based COE and security technologies that are candidates for satisfying the requirements. The paper closes with a set of recommendations and steps forward for both research into and implementation of security in a SOA-based COE.\",\"PeriodicalId\":126022,\"journal\":{\"name\":\"2011 14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops\",\"volume\":\"150 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-03-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISORCW.2011.31\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISORCW.2011.31","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Survey of Security Concepts for Common Operating Environments
As newer software engineering technologies, such as Service-Oriented Architecture (SOA), become the basis for mission-critical systems, they must include security as a foundational capability. This paper highlights security concepts relevant to using SOA as a foundation for a Common Operating Environment (COE), i.e., a set of infrastructure and common services for developing and executing applications across multiple platforms. We present and motivate security needs, tradeoffs, and solutions in the various layers of a SOA-based COE, including 1) the network, 2) computational platforms, and 3) the common software infrastructure consisting of a SOA stack, common services, and applications. We also discuss cross cutting aspects of security such as survivability, transparency, flexibility, specificity, reuse, and assurance. We then explore security standards and requirements for mission-critical systems developed on top of a SOA-based COE and security technologies that are candidates for satisfying the requirements. The paper closes with a set of recommendations and steps forward for both research into and implementation of security in a SOA-based COE.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
