A security framework for developing service-oriented software architectures

The usually heterogeneous and decentralized nature of entities in the service-oriented architecture has paved the ground for the implementation of approaches distributed according to the constantly changing needs of business. Also, as the distribution of entities and processes increases, the need to provide security over software and hardware sources, which have reached the public thanks to an open space as a result of the service-oriented architecture, is felt. Therefore, security modeling at the level of service-oriented architecture can boost system reliability and enhance its stability once applied and employed. This research provides a secure framework through which to develop software based on the service-oriented architecture. The proposed framework has been modeled using the SoaML profile, which has been introduced for modeling service-oriented environments. The framework's security aspects have been tested by the modeling and specification language Alloy, which is based on the first-order logic. Its accuracy has also been well investigated. Tapping into the model-driven development, this framework can provide an answer to existing security challenges for service-oriented architecture software. Copyright (c) 2015 John Wiley & Sons, Ltd.