Cross-enterprise policy model for e-Business Web Services security

Abstract

Contemporary e-Business applications comprise of dynamic extensible and interoperable collection of services, Web Services and information shared by collaborating entities performing various transactional tasks. Securing these services offerings is therefore of crucial importance. To address security requirements, there has been a plethora of proposed solutions, ranging from hardware devices and security specifications to software applications. Most of these security solutions are largely technology focused with little or no evaluation and integration of policies and procedures of these collaborating entities. This research investigates the use of an approach that integrates documented cross-enterprise policies with current security technology, to enhance the overall security requirements of businesses that decide to use web services. A policy model for enhancing web services security is developed evaluated and presented. © Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering 2010.