Conference paper

Appeared in: 2014 IEEE International Conference on Services Computing (SCC 2014)

Editor list: Ferrari, E.

Publication year: 2014

Pages: 464-471

ISBN: 978-1-4799-5067-6

eISBN: 978-1-4799-5066-9

DOI Link: https://doi.org/10.1109/SCC.2014.68

Conference: 2014 IEEE International Conference on Services Computing (SCC 2014)

Abstract: 

Developing contemporary software architectures requires the consideration and adoption of the Service-oriented Architecture (SOA) principles. Distributed applications are a very common domain in which SOA guides design decisions in particular. For a long time, SOAP and its related stack of standards have been the only technological choice for implementing SOA-based systems. With the increased adoption of the REST concept, an alternative to SOAP is gaining traction. Security considerations have been part of the SOAP-based standardization work since the very beginning. As a result, a mature and comprehensive set of security-related standards is available for building SOAP-based service systems. REST-ful service systems, however, cannot take advantage of such a fully developed security framework yet. This paper therefore revisits the SOAP-based web services security stack in order to identify commonalities, differences and gaps in the security available for REST-ful services. From these findings a desired REST-ful web services security stack is proposed together with related research, development and standardization challenges.

Harvard Citation style: Gorski, P., Lo Iacono, L., Nguyen, H. and Torkian, D. (2014) Service Security Revisited, in Ferrari, E. (ed.) 2014 IEEE International Conference on Services Computing (SCC 2014). Piscataway, NJ: IEEE. pp. 464-471. https://doi.org/10.1109/SCC.2014.68

APA Citation style: Gorski, P., Lo Iacono, L., Nguyen, H., & Torkian, D. (2014). Service Security Revisited. In Ferrari, E. (Ed.), 2014 IEEE International Conference on Services Computing (SCC 2014). (pp. 464-471). IEEE. https://doi.org/10.1109/SCC.2014.68