Security and trustworthiness threats to composite services: Taxonomy, Countermeasures, And research directions

Per Håkon Meland, Muhammad Asim, Dhouha Ayed, Fabiano Dalpiaz, Edith Félix, Paolo Giorgini, Susana Gonzáles, Brett Lempereur, John Ronan

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)

Abstract

This chapter studies not only how traditional threats may affect composite services, but also some of the new challenges that arise from the emerging Future Internet. For instance, while atomic services may, in isolation, comply with privacy requirements, a composition of the same services could lead to violations due to the combined information they manipulate. Furthermore, with volatile services and evolving laws and regulations, a composite service that seemed secure enough at deployment time, may find itself unacceptably compromised some time later. Our main contributions are a taxonomy of threats for composite services in the Future Internet, which organises thirty-two threats within seven categories, and a corresponding taxonomy of thirty-three countermeasures. These results have been devised from analysing service scenarios and their possible abuse with participants from seventeen organisations from industry and academia.

Original languageEnglish
Pages (from-to)10-35
Number of pages26
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8900
DOIs
Publication statusPublished - 2014

Keywords

  • Countermeasures
  • Security
  • Service composition
  • Taxonomy
  • Threats
  • Trustworthiness

Fingerprint

Dive into the research topics of 'Security and trustworthiness threats to composite services: Taxonomy, Countermeasures, And research directions'. Together they form a unique fingerprint.

Cite this