About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
DEXA 2007
Conference paper
Extending a secure system development methodology to SOA
Abstract
The design of secure service-oriented architectures presents a new set of challenges for the designer. While security standards do provide some solutions, a secure system is one in which security is built in right from the start, not after a design approach has been decided. We have presented a methodology to build secure systems using patterns. We extend it now to service-oriented analysis and design, adapting the use of a tree with architectural decisions to include also security decisions. This decision tree makes architectural knowledge explicit and reusable and has value on its own right, independent of SOA and our methodology. © 2007 IEEE.