Title: Developing web services security systems: a case study

Authors: Eduardo Fernandez-Medina, Carlos A. Gutierrez, Mario Piattini

Addresses: University of Castilla-La Mancha, Paseo de la Universidad, 4–13071 Ciudad Real, Spain. ' STL, CXaudaro, 15–28034, Madrid, Spain. ' University of Castilla-La Mancha, Paseo de la Universidad, 4–13071 Ciudad Real, Spain

Abstract: This article presents a case study in which the PWSSec (Process for Web Services Security) process was applied in the development of a web services-based system. It deals with the migration of an existing system whose objective is the execution of a workflow that enables web customers to carry out payments from their account to the account of a web-based organisation. Throughout this article, we present the difficulties encountered when applying the PWSSec, as well as the solutions that were employed. Some of these solutions were developed from scratch and others were adapted from existing proposals found in current literature.

Keywords: elicitation methods; domain-specific architectures; life cycle; process; quality analysis; quality evaluation; risk management; security; privacy protection; internet projects; distributed software engineering; internet-based software engineering; tools; techniques; standards; web services; workflow; e-payment; electronic payment; online payment; bank transfer systems; e-banking; online banking.

DOI: 10.1504/IJWET.2006.010417

International Journal of Web Engineering and Technology, 2006 Vol.2 No.4, pp.292 - 306

Published online: 20 Jul 2006 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article