A Goal Question Metric Approach for Evaluating Security in a Service Oriented Architecture Context
This work addresses security assessment for organizations using SOA, but it appears incremental as it adapts an existing GQM framework to a specific context.
The paper tackles the problem of evaluating security in Service Oriented Architecture (SOA) by proposing a Goal Question Metric (GQM) approach based on standard security metrics and SOA maturity, aiming to help organizations assess and enhance security in SOA-based collaborations.
For interactions to be possible within the Service Oriented Architecture (SOA) ecosystem, each actor must be sufficiently confident in the other actors to engage safely in the interactions. Therefore, establishing objective metrics that are tailored to the context of SOA, that show the security of a system, and that lead to enhancements is very attractive. The purpose of our paper is to present a GQM (Goal Question Metric) approach, based on standard security metrics and on SOA maturity, that can support organizations in assessing SOA security and ensuring the safety of their SOA-based collaborations.