TY - JOUR
T1 - Security and trustworthiness threats to composite services
T2 - Taxonomy, countermeasures, and research directions
AU - Meland, Per Håkon
AU - Asim, Muhammad
AU - Ayed, Dhouha
AU - Dalpiaz, Fabiano
AU - Félix, Edith
AU - Giorgini, Paolo
AU - Gonzáles, Susana
AU - Lempereur, Brett
AU - Ronan, John
N1 - Publisher Copyright: © Springer International Publishing Switzerland 2014.
PY - 2014
Y1 - 2014
N2 - This chapter studies not only how traditional threats may affect composite services, but also some of the new challenges that arise from the emerging Future Internet. For instance, while atomic services may, in isolation, comply with privacy requirements, a composition of the same services could lead to violations due to the combined information they manipulate. Furthermore, with volatile services and evolving laws and regulations, a composite service that seemed secure enough at deployment time, may find itself unacceptably compromised some time later. Our main contributions are a taxonomy of threats for composite services in the Future Internet, which organises thirty-two threats within seven categories, and a corresponding taxonomy of thirty-three countermeasures. These results have been devised from analysing service scenarios and their possible abuse with participants from seventeen organisations from industry and academia.
AB - This chapter studies not only how traditional threats may affect composite services, but also some of the new challenges that arise from the emerging Future Internet. For instance, while atomic services may, in isolation, comply with privacy requirements, a composition of the same services could lead to violations due to the combined information they manipulate. Furthermore, with volatile services and evolving laws and regulations, a composite service that seemed secure enough at deployment time, may find itself unacceptably compromised some time later. Our main contributions are a taxonomy of threats for composite services in the Future Internet, which organises thirty-two threats within seven categories, and a corresponding taxonomy of thirty-three countermeasures. These results have been devised from analysing service scenarios and their possible abuse with participants from seventeen organisations from industry and academia.
KW - Countermeasures
KW - Security
KW - Service composition
KW - Taxonomy
KW - Threats
KW - Trustworthiness
UR - http://www.scopus.com/inward/record.url?scp=84949129476&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-13518-2_2
DO - 10.1007/978-3-319-13518-2_2
M3 - Article
AN - SCOPUS:84949129476
VL - 8900
SP - 10
EP - 35
JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SN - 0302-9743
ER -