CONSTRUCTION OF CUSTOMIZABLE SOA SECURITY FRAMEWORK USING ARTIFICIAL NEURAL NETWORKS

Authors

  • Mohamed Ibrahim B Research Scholar & Software Solution Architect, Malaysia
  • Mohd Fadzil Hassan Department of Computer and Information Sciences, Universiti Teknologi PETRONAS, Malaysia

DOI:

https://doi.org/10.11113/jt.v78.10023

Keywords:

SOA, web services, security, neural nets, machine learning, SOAP, WSDL

Abstract

The Web Services technology for the implementation of Service Oriented Architecture (SOA) is the preferred choice in the current era of Enterprise Application Integration (EAI). As Web Services architecture is dynamic and loosely coupled, security aspects must be considered thoroughly at the time of designing. It is prone for attacks as it uses XML format for data exchange, which is a plain text. A novel security component named “Intelligent Security Engine (ISE)†is introduced into the proposed framework which incorporates Artificial Neural Networks (ANN) Learning Techniques for supervised knowledge acquisition on security threats of SOA. Thus, the proposed security framework is capable in the identification of future security vulnerabilities of SOA and can work effectively even for in-secured cross organizational EAI environment. 

References

Fonseca, J., Abdelouahab, Z., Lopes, D., & Labidi, S. 2009. A Security Framework for SOA Applications in Mobile Environment, International Journal of Network Security & Its Applications (IJNSA). 1(3)

Fernandes, D. A., Soares, L. F., Gomes, J. V., Freire, M. M., & Inácio, P. R. 2014. Security Issues in Cloud Environments: A Survey, International Journal of Information Security. 13

Oldooz Karimi. 2011. Security Model For Service-Oriented Architecture, Advanced Computing: An International Journal (ACIJ). 2(4).

Moradian, E., HÃ¥kansson, A., & Andersson, J. O. 2012. Ontology Based Patterns for Software Security Engineering, Advances in Knowledge-based Intelligent Information and Engineering Systems, IOS Press,

Baby, Anu Soosan, Deepu Raveendran, and Aswathy Josephine Joe. 2012. A Study on Secure and Efficient Access Control Framework for SOA, International Journal of Computer Science and Telecommunications. 3(6).

Miede, A., Nedyalkov, N., Schuller, D., Repp, N., & Steinmetz, R. 2010. Cross-organizational Security –The Service Oriented Difference, Service-Oriented Computing, Springer

Shah, D., Agarwal, M., Mehra, M., & Mangal, A., Global SOA: RSS-based Web Services Repository and Ranking, IEEE Fifth International Conference on Internet and Web Applications and Services (ICIW), 2010

Saleem, M., J. Jaafar, and M. Hassan. 2012. A Domain-Specific Language for Modeling Security Objectives in a Business Process Models of SOA Applications, AISS. 4(1)

Kassou, M., & Kjiri, L. 2012 A Goal Question Metric Approach for Evaluating Security in a Service Oriented Architecture Context, International Journal of Computer Science Issues. 9(4): 1

https://web.nvd.nist.gov

Upendra Kumar & Rao. 2011. Designing Dependable Agile Layered Web Services Security Architecture Solutions, Indian Journal of Computer Science and Engineering (IJCSE). 2(3)

Arezoo Mirtalebi and Mohammad Reza Khayyambashi. 2012. A new Security Framework for Protecting WSDL File of Web Service, International Journal of Computer Science and Network Security (IJCSNS). 12(9)

Xu, Tao, and Chunxiao Yi. 2011. SOAP-Based Security Interaction of Web Service in Heterogeneous Platforms, Journal of Information Security.

Pankaj Choudhary, Rajendra Aaseri, and Nirmal Roberts. 2013. HTTPI based Web Service Security over SOAP, International Journal of Network Security & Its Applications (IJNSA). 5(3)

Sisodia, Deepti, Lokesh Singh, and Sheetal Sisodia. 2012. Web Based Secure SOA, International Journal of Computing Algorithm. 1(2)

Shahgholi, N., Mohsenzadeh, M., Seyyedi, M., & Qorani, S. H. 2011. A New SOA Security Framework Defending Web Services against WSDL Attacks, Proceeding of IEEE 3rd International Conference on Social Computing.

She, Wei, I. Yen, and Bhavani Thuraisingham. 2008. Enhancing Security Modeling for Web Services using Delegation and Pass-on, IEEE International Conference on Web Services (ICWS), China.

Kou Hongzhao, 2010. A Study on the Security Mechanism for Web Services, Proceedings of the World Congress on Engineering and Computer Science, San Francisco, USA. I.

Kharat, Prachi M., Prachi A. Deshpande, and Aaditya P. Bakshi. 2013. Single Sign On Certificate Based Authentication for WS-Security, International Journal of Advanced Research in Computer Science. 4(6)

Navya Sidharth and Jigang Liu, IAPF: A Framework for Enhancing Web Services Security, 31st Annual International Conference on Computer Software and Applications, 2010

Sen, Anand Swarup, and Pritesh Jain, Technique of Intrusion Detection based on Neural Network –A Review, IEEE Conference on IT in Business, Industry and Government (CSIBIG), 2014

Grzonka D, Kołodziej J, Tao J, Khan SU. 2014. Artificial Neural Network Support to Monitoring of The Evolutionary Driven Security Aware Scheduling in Computational Distributed Environments, Future Generation Computer Systems. 51: 72-86.

Rohani, M.F.A., Maarof, M.A., Selamat, A. and Kettani, H. 2007. Uncovering Anomaly Traffic Based on Loss of Self-Similarity Behavior Using Second Order Statistical Model, International Journal Computer Science and Network Security. 116-122

Downloads

Published

2016-12-15

Issue

Vol. 78 No. 12-3: Towards Advancement of Sustainable Computational Technology

Section

Science and Engineering

License

Copyright of articles that appear in Jurnal Teknologi belongs exclusively to Penerbit Universiti Teknologi Malaysia (Penerbit UTM Press). This copyright covers the rights to reproduce the article, including reprints, electronic reproductions, or any other reproductions of similar nature.

How to Cite

CONSTRUCTION OF CUSTOMIZABLE SOA SECURITY FRAMEWORK USING ARTIFICIAL NEURAL NETWORKS. (2016). Jurnal Teknologi, 78(12-3). https://doi.org/10.11113/jt.v78.10023