CRESCENT+: a self-protecting framework for reliable composite web service delivery

  • Original Article
  • Iran Journal of Computer Science

Abstract

One way to ensure reliable and secure composite web service delivery is to make the services autonomous (i.e., self-managing services that are self-organizing, self-healing, self-optimizing, and self-protecting). The CRESCENT framework was previously proposed to achieve this vision. It satisfied the first three properties but did not handle the self-protection property. To overcome this limitation, this paper extends CRESCENT and proposes CRESCENT+, a self-protecting framework for reliable composite web service delivery. This is done by performing a vulnerability analysis to identify CRESCENT's weaknesses, then performing a STRIDE-based threat analysis to identify possible attacks on CRESCENT, and finally proposing solutions and countermeasures to be integrated into CRESCENT to overcome these problems. Experimental results show that CRESCENT+ increased the reliability of the CRESCENT framework at the cost of overall throughput. However, we argue that this loss in overall throughput is still acceptable as a price for having autonomous composite web services, especially since the obtained overall throughput is still higher than existing industrial standards.

Author information

Corresponding author

Correspondence to Islam Elgedawy.

About this article

Cite this article

Elgedawy, I., Khurshid, S., Masood, R. et al. CRESCENT+: a self-protecting framework for reliable composite web service delivery. Iran J Comput Sci 1, 65–87 (2018). https://doi.org/10.1007/s42044-018-0008-3

  • DOI: https://doi.org/10.1007/s42044-018-0008-3
