Prennschütz-Schützenau, S. (2010). SOA security policy validation and authoring [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://resolver.obvsg.at/urn:nbn:at:at-ubtuw:1-42209
A novel policy authoring Method that utilizes Schematron to validate abstract policy defintions against operational policy instances is examined. In a concrete case study, conformance of both (dynamic) WS-Security-augmented SOAP message exchanges and (static) WS-SecurityPolicy policies against WS-I's Basic Security Profile is assessed, by analyzing the results of the Schematron Validation Pipeline. An outline of how the approach can leveraged to express other macro-level security requirements - apart form "WS-I Conformance" - in form of an abstract schema(tron) constraints on policies is given, such as the way messages are to be secured or what algorithms are required.<br />The presentation concludes with a summation of experiments conducted and lessions for SOA practioners.
en
Additional information:
Abweichender Titel laut Übersetzung der Verfasserin/des Verfassers Zsfassung in dt. Sprache