Magazines/Newspapers

A security framework for SOA applications in mobile environment

Description
A Rapid evolution of mobile technologies has led to the development of more sophisticated mobile devices with better storage, processing and transmission power. These factors enable support to many types of application but also give rise to a
Published
of 18
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
Share
Transcript
  International Journal of Network Security & Its Applications (IJNSA), Vol.1, No.3, Octoer !""#  A S ECURITY   F RAMEWORK    FOR   SOA A  PPLICATIONS   IN  M OBILE  E NVIRONMENT Jo$nnet$ %onseca, air A'eloua$a, enial'o *opes an' Sofiane *ai'i %e'eral +niersity of aran$-o, /0///A. os portu2ueses, apus 'o 4acan2a, S-o *uis 5 A 67"8"9":"  johnneth.sfonseca@gmail.com, zair@dee.ufma.br, denivaldo.lopes@gmail.com, labidi@uol.com.br   A  BSTRACT   A Rapid evolution of mobile technologies has led to the development of more sophisticated mobile devices with better storage, processing and transmission power. These factors enable support to many types of application but also give rise to a necessity to find a model of service development. Actually, SA !Service riented Architecture" is a good option to support application development. This paper  presents a framewor# that allows the development of SA based application in mobile environment. The objective of the framewor# is to give developers with tools for provision of services in this environment with the necessary security characteristics.  K   EYWORDS  SOA, Security, %raework, oile 'eices 1. I NTRODUCTION Oer t$e last years t$ere is a 2reat iproeent of capailities of oile 'eice, ot$ in its stora2e capacity an' in processin2 power. 0$is $as enale' a wi'er acceptance of t$ese 'eices w$ic$ now offer a ariety of applications to users. In a''ition, new counication tec$nolo2ies allow t$ese 'eices to access t$e Internet ore efficiently an' to counicate wit$ eac$ ot$er.Actually, it is possile to 'eelop an' install in t$ese e;uipents ot$er applications an' serices  eyon' t$ose alrea'y coin2 fro t$e factory. 0$ese types of applications ay act as serice consuers oran' serice proi'ers. 0$us, t$ere is a nee' to use a pattern of 'eelopent t$at allows 'eelopers to create an' proi'e its serices ore ;uickly an' efficiently. Serice9Oriente' Arc$itecture (SOA) $as eer2e' as a solution to t$is type of necessity <13=<1:=<1>=.0$e ai of t$is paper is to 'escrie a fraework to t$e 'eelopent of SOA ase' applications in oile enironent 'rawin2 t$e cople?ity of t$eir 'eelopent, wit$ ec$aniss to  perfor all necessary functions for proision of serices, suc$ as 'escriin2 serices, carry essa2es fro t$e parser wit$ specific forat, creatin2 a c$annel of counication to receie an' sen' essa2es. @it$ t$is fraework, serices ay e associate' wit$ security properties suc$ as crypto2rap$y, 'i2ital si2natures. 0$is paper is structure' of t$e followin2 for. 0$e first section presents t$e ai an' otiations of t$e work. 0$e secon' section 'escries t$e SOA arc$itecture an' its ain coponents. 0$e t$ir' section 'escries t$e necessary serices in oile enironent. 0$e fourt$ section s$ows t$e ains proles relate' to security in t$e oile enironent. 0$e fift$ section 'escries t$e propose' arc$itecture an' t$e si?t$ section s$ows soe work relate' to t$e #"  International Journal of Network Security & Its Applications (IJNSA), Vol.1, No.3, Octoer !""#  propose' work. %inally t$e last section presents t$e conclusions an' su22estions for future work. 2. S ERVICE  O RIENTED  A RCHITECTURE  (SOA) SOA 'escries t$e keys concepts of software arc$itecture an' t$eir relations, w$ere a serice an' its use are t$e key concepts t$at are inole', followin2 a o'el of pulis$in2 serices an' applications an' t$eir uniersal access <7=<13=. SOA $as an interface t$at 'escries a collection of operations accessile oer t$e network ia a stan'ar'ie' forat (e.2. B*). 0$ese re;uireents are actiate' anyw$ere in a 'ynaic coputin2 enironent an'or perasie coputin2 w$ere serice proi'ers offer a ran2e of serices. SOA creates an enironent in w$ic$ 'istriute' applications an' coponents ay create in'epen'ently of lan2ua2e an' platfor an' focuses on t$e use of a relatiely wi'esprea'  pattern of counication etween operations, enalin2 t$us a o'el for $oo2eneous 'istriution an' coposition of coponents. SOA is a o'el of coponents, proi'in2 an enironent for uil'in2 'istriute' systes <6=. SOA applications counicate functionally as a serice to t$e en' userCs applications an' ot$er serices, rin2in2 t$e enefits of low couplin2 an' encapsulation for t$e inte2ration of enterprises applications. SOA 'efines t$e rules of t$e participants as proi'er of serices, custoer of serices an' re2istry of serices. SOA is not a ratin2 an' any new tec$nolo2ies suc$ as OD4A an' O at least alrea'y $a' t$is i'ea. @e serices are new to 'eelopers an' are t$e est way to ac$iee an' 'eelop an SOA . 2.1. SOA Architecture 0$e asic arc$itecture of SOA consists of t$ree ain coponents <3= (fi2ure 1)E %i2ure 1. 4asic arc$itecture of a SOA • Serice De;uestor (lient) 5 t$is entity re;uires certain functions to perfor soe task, application or serice t$at relies on interaction wit$ a oot or soe sericeF • Serice Groi'er 5 t$is entity creates an' proi'es t$e serice, it also akes a 'escription of t$e serice an' pulis$es it in a central re2istryF • Serice De2istry (4roker) 9 location of serice 'escription (i.e. w$ere t$e Serice Groi'er pulis$es a 'escription of t$e serice). #1  International Journal of Network Security & Its Applications (IJNSA), Vol.1, No.3, Octoer !""# Alt$ou2$ a serice proi'er is ipleente' in a oile 'eice, t$e stan'ar' @S* can e use' to 'escrie t$e serice, an' t$e stan'ar' +I re2istry ay e use' to pulis$ an' ake t$e serice aailale. A c$allen2e is in 'eelopin2 oile terinal arc$itectures suc$ one of a stan'ar' 'esktop syste, takin2 into account low resources of oile 'eice <>=<17=. 2.2. SOA Operations 0$e coponents of SOA interact wit$ eac$ ot$er t$rou2$ operations (fi2ure 1) w$ic$ are 'escrie' elowE • Gulis$ 9 recor's a 'escription of t$e serice in 'irectory serices, coerin2 t$e re2istration of its capailities, interface, perforance an' ;uality t$at it offers offersF • %in' 5 searc$es for serices re2istere' in 'irectory serices, proi'e' t$ey eet t$e 'esire' criteria an' it can e use' in a process of usiness, takin2 into account t$e 'escription of t$e pulis$e' sericeF • 4in' 9 t$is operation relies on t$e serice re;ueste' or oots an interaction wit$ t$e serice at runtie usin2 t$e inforation otaine' in 'iscoery of t$e sericeF . ! E"  S ERVICE  # ROVISION  $ % O"I&E   HOST oile Host is a proi'er of serices (  Light Weight  )  uilt to run on oile 'eices suc$ as sart9p$ones an' GAs <1=, 'eelope' as a $eb Service %andler   uilt on top of a noral @e serer. oile Host opens a new set of applications yet little e?plore' <!=. 0$ey ay e use' in areas suc$ as location9ase' serices, counity support for oile an' 2aes. It also allows saller oile operators increase t$eir usiness wit$out resortin2 to a stationary infrastructure. Howeer, t$ese a''itional fle?iilities 2enerate a lar2e nuer of interestin2 ;uestions for sureys w$ic$ re;uire furt$er inesti2ation. %i2ure ! s$ows t$e ain coponents of a oile Host.0$e 'esi2n of a oile Host is 2oin2 t$rou2$ any t$in2s, soe issues w$ere t$ere is ery little researc$F so far set up serice proisionin2 is ery liite' to 'eices. 0$e work in <:= 'escries a o'el for t$e 'eelopent of a oile Host syste in 2eneral.0ra'itionally, oile systes $ae een 'esi2ne' as client9serer systes w$ere thin c'ients suc$ as GAs or p$ones are ale to use wireless connections to 2ain access to resources ('ata an' serices) proi'e' y central serers <!=. @it$ t$e eer2ence of wireless networks, A'9Hoc an' powerful oile 'eices it ecoes possile to 'esi2n oile syste usin2 an arc$itecture  peer9to9peer <16=<18=<1#=. Accor'in2 to <!=, t$e followin2 c$aracteristics ust e 2uarantee' so t$at SOA can e uilt in t$e oile enironentE1.0$e interface ust e copatile wit$ t$e interface of SOA use' in t$e 'esktop enironent for custoersF !. 0$e space use' y t$e serice s$oul' e sall in relation to t$e oile 'eiceF 3. 0$e serice s$oul' not affect noral operations of t$e 'eiceF:.A stan'ar' @e serer t$at $an'le re;uests of networkF #!  International Journal of Network Security & Its Applications (IJNSA), Vol.1, No.3, Octoer !""# 7.A proi'er of asic serices for treatent of re;uests for SOAF6.Aility to 'eal wit$ copetin2 re;uestsF>.Support t$e 'eployent of serices at runtieF8.Support for t$e analysis of perforanceF#.Access t$e local file syste, or any e?ternal 'eice like a GS receier, usin2 infrare', 4luetoot$ etc.%i2ure !. ore of a oile Host . S ECURIT Security in wireless networks always is eolin2. @it$ a'e;uate tie a persistent cracker is capale of ina'in2 a wireless syste. oreoer, soe attitu'es nee' to e taken to $in'er as uc$ as possile t$e work of an intru'er, allowin2 asic serices of security are et.Disks alrea'y coon in wire' networks are incorporate' into t$e wireless networks, new arise 'ue to 'ifferences in p$ysical structure of t$ese an' $ow t$ey operate. 0$us, any solution tar2ete' for wireless networks are to e uilt in copliance wit$ t$ese new risks ecause t$at t$ey are uni;ue to wireless networks.0$e 2reatest t$reat to a oile network is t$e possiility of installin2 wires t$rou2$ 'oors in  p$one calls an' 'ata traffic. 0$is t$reat can e ree'ie' in part wit$ t$e use of encryption. onse;uently, t$e proaility of t$reat 'epen's on t$e stren2t$ of t$e encryption al2orit$. 0$is resistance is an e?it t$at ecoes ;uestionale in t$e S syste. Anot$er critical t$reat, alt$ou2$ ore $ypot$etical, is aen'in2 t$e ori2inal oile traffic. In t$is case t$e attacker oerwrites t$e 'ata wit$ t$eir own inforation. #3  International Journal of Network Security & Its Applications (IJNSA), Vol.1, No.3, Octoer !""# %i2ure 3 5 0ypical reac$es of security in SOA oile0$e onitorin2 of traffic etween t$e 'eice an' ase station can 2et t$e position, spee', 'uration of traffic, 'uration, i'entification of a oile 'eice. Howeer, t$e scenarios of e?ploitation y intru'ers are t$e 2reatest enefit fro liite' inforation can e possily 'etails of location an' profile of t$e user.%i2ure :. 4asic re;uireents for t$e safety of oile SOASince a SOA is ipleente' as a oile Host, t$e serices are prone to 'ifferent types of security reac$esE suc$ as 'enial of serice attacks, an9in9t$e9i''le, an' spoofin2 of intrusion, an' so on. SOA in oile enironent usin2 tec$nolo2ies ase' on essa2e (suc$ as SOAG oer H00G) for cople? operations in seeral areas. Also, t$ere ay e any le2itiate serices intere'iaries in t$e counication etween 'oin2 coposes a particular serice, w$ic$ akes t$e conte?t of a security re;uireent en'9to9en'. #:
Search
Related Search
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks