부산대학교 도서관

Interest in Service Oriented Architecture (SOA) is rapidly increasing in the business world due to the many benefits it offers such as reliability, manageability, reusability, flexibility, efficiency, and interoperability. There are many security technologies and models being developed for SOA. They implement or encode specific aspects of authentication, authorization, encryption, trust, and access control respectively but none of them was entirely devoted to integrity. In this paper we propose Service Clark-Wilson Integrity Model (SCWIM), a top down integrity model for SOA capable of describing sufficient conditions to protect data integrity in any SOA implementation. Based on the original Clark-Wilson Integrity Model, our model can form the basis for system security audits and assist SOA architects in developing systems that protect data integrity, as well as providing guidance for evaluating existing SOA systems.