
Towards a Reference Architecture for Service-Oriented Cross Domain Security Infrastructures

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 8729)

Abstract

Today’s Cross Domain Communication (CDC) infrastructure largely consists of guards built to vendor specifications. Such an infrastructure often fails to provide adequate protections for CDC workflows involving Service Oriented Architectures. Focusing on the transport layer and oblivious to the context of the information exchanges, the guards often rely on rudimentary filtering techniques that require frequent human intervention to adjudicate messages. In this paper, we present a set of key requirements and design principles for a Service Oriented Cross Domain Security Infrastructure in the form of a CDC Reference Architecture, featuring domain-associated guards as active workflow participants. This reference architecture will provide the foundation for the development of protocols and ontologies enabling runtime coordination among CDC elements, leading to more secure, effective, and interoperable CDC solutions.




Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Zhu, W., Vizenor, L., Srinivasan, A. (2014). Towards a Reference Architecture for Service-Oriented Cross Domain Security Infrastructures. In: Fortino, G., Di Fatta, G., Li, W., Ochoa, S., Cuzzocrea, A., Pathan, M. (eds) Internet and Distributed Computing Systems. IDCS 2014. Lecture Notes in Computer Science, vol 8729. Springer, Cham. https://doi.org/10.1007/978-3-319-11692-1_24


  • DOI: https://doi.org/10.1007/978-3-319-11692-1_24

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11691-4

  • Online ISBN: 978-3-319-11692-1

  • eBook Packages: Computer Science, Computer Science (R0)
