{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T03:56:49Z","timestamp":1742961409098,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":47,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642324383"},{"type":"electronic","value":"9783642324390"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-32439-0_6","type":"book-chapter","created":{"date-parts":[[2012,8,8]],"date-time":"2012-08-08T01:20:09Z","timestamp":1344388809000},"page":"93-108","source":"Crossref","is-referenced-by-count":1,"title":["Container-Level Security Certification of Services"],"prefix":"10.1007","author":[{"given":"Marco","family":"Anisetti","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Claudio A.","family":"Ardagna","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ernesto","family":"Damiani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"6_CR1","unstructured":"Banerji, A., et al.: Web Services Conversation Language (WSCL) version 1.0. World Wide Web Consortium (W3C) (March 2002), http:\/\/www.w3.org\/TR\/wscl10\/"},{"key":"6_CR2","doi-asserted-by":"crossref","unstructured":"Anisetti, M., Ardagna, C., Damiani, E.: Fine-grained modeling of web services for test-based security certification. In: Proc. of the 8th International Conference on Service Computing (SCC 2011), Washington, DC, USA (July 2011)","DOI":"10.1109\/SCC.2011.27"},{"key":"6_CR3","volume-title":"Trustworthy Internet","author":"M. Anisetti","year":"2011","unstructured":"Anisetti, M., Ardagna, C., Damiani, E.: Certifying security and privacy properties in the internet of services. In: Bianchi, G., Blefari, N., Salgarelli, L. (eds.) Trustworthy Internet. Springer, Berlin (2011)"},{"issue":"3","key":"6_CR4","first-page":"141","volume":"19","author":"C. Ardagna","year":"2004","unstructured":"Ardagna, C., De Capitani di Vimercati, S.: A comparison of modeling strategies in defining XML-based access control language. Computer Systems Science & Engineering Journal\u00a019(3), 141\u2013149 (2004)","journal-title":"Computer Systems Science & Engineering Journal"},{"key":"6_CR5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-72912-9","volume-title":"Test and Analysis of Web Services","author":"L. Baresi","year":"2007","unstructured":"Baresi, L., Di Nitto, E.: Test and Analysis of Web Services. Springer, New York (2007)"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Fournet, C., Gordon, A.: Verifying policy-based security for Web services. In: Proc. of the 11th ACM Conference on Computer and Communications Security (CCS 2004), Washington, DC, USA (October 2004)","DOI":"10.1145\/1030083.1030120"},{"key":"6_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/978-3-540-95888-8_4","volume-title":"Software Engineering","author":"G. Canfora","year":"2009","unstructured":"Canfora, G., Di Penta, M.: Service-Oriented Architectures Testing: A Survey. In: De Lucia, A., Ferrucci, F. (eds.) ISSSE 2006-2008. LNCS, vol.\u00a05413, pp. 78\u2013105. Springer, Heidelberg (2009)"},{"key":"6_CR8","unstructured":"Chinnici, R., Moreau, J., Ryman, A., Weerawarana, S.: Web Services Description Language (WSDL) version 2.0. World Wide Web Consortium (W3C) (June 2007), http:\/\/www.w3.org\/TR\/wsdl20\/"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Damiani, E.: Web service security. In: van Tilborg, H., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, 2nd edn. Springer (2011)","DOI":"10.1007\/978-1-4419-5906-5_668"},{"key":"6_CR10","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-77324-7","volume-title":"Open source systems security certification","author":"E. Damiani","year":"2009","unstructured":"Damiani, E., Ardagna, C., Ioini, N.E.: Open source systems security certification. Springer, New York (2009)"},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Fine grained access control for SOAP e-services. In: Proc. of the 10th International World Wide Web Conference (WWW 2001), Hong Kong, China (May 2001)","DOI":"10.1145\/371920.372152"},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Damiani, E., El Ioini, N., Sillitti, A., Succi, G.: Ws-certificate. In: Proc. of the IEEE Congress on Services, Part I (SERVICES I 2009), Los Angeles, CA, USA (July 2009)","DOI":"10.1109\/SERVICES-I.2009.132"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Dong, W.L., Yu, H.: Web service testing method based on fault-coverage. In: Proc. of the 10th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW 2006), Hong Kong, China (October 2006)","DOI":"10.1109\/EDOCW.2006.75"},{"key":"6_CR14","volume-title":"Service-Oriented Architecture: Concepts, Technology, and Design","author":"T. Erl","year":"2005","unstructured":"Erl, T.: Service-Oriented Architecture: Concepts, Technology, and Design. Prentice Hall PTR, Upper Saddle River (2005)"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Fernandez, E., Delessy, N.: Using patterns to understand and compare web services security products and standards. In: Proc. of the International Conference on Advanced International Conference on Telecommunications\/Internet and Web Applications and Services (AICT-ICIW 2006), Guadeloupe, French Caribbean (February 2006)","DOI":"10.1109\/AICT-ICIW.2006.202"},{"key":"6_CR16","unstructured":"Frantzen, L., Tretmans, J., de Vries, R.: Towards model-based testing of web services. In: Proc. of the International Workshop on Web Services - Modeling and Testing (WS-MaTe 2006), Palermo, Italy, pp. 67\u201382 (June 2006)"},{"key":"6_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-31848-4_1","volume-title":"Formal Approaches to Software Testing","author":"L. Frantzen","year":"2005","unstructured":"Frantzen, L., Tretmans, J., Willemse, T.A.C.: Test Generation Based on Symbolic Specifications. In: Grabowski, J., Nielsen, B. (eds.) FATES 2004. LNCS, vol.\u00a03395, pp. 1\u201315. Springer, Heidelberg (2005)"},{"key":"6_CR18","unstructured":"Galbraith, B., Hankinson, W., Hiotis, A., Janakiraman, M., Prasad, D.V., Trivedi, R., Whitney, D.: Professional Web Services Security. Wrox Press Ltd. (December 2002)"},{"key":"6_CR19","unstructured":"Goodner, M., Nadalin, A.: Web Services Federation Language (WS-Federation) Version 1.2. OASIS (May 2009), http:\/\/docs.oasis-open.org\/wsfed\/federation\/v1.2\/os\/ws-federation-1.2-spec-os.html"},{"key":"6_CR20","unstructured":"Gudgin, M., Hadley, M., Mendelsohnand, N., Moreau, J.J., Nielsen, H., Karmarkar, A., Lafon, Y.: Simple Object Access Protocol (SOAP) 1.2. World Wide Web Consortium (W3C) (April 2007), http:\/\/www.w3.org\/TR\/soap12-part1\/"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Han, J., Kowalczyk, R., Khan, K.: Security-oriented service composition and evolution. In: Proc. of the 13th Asia Pacific Software Engineering Conference (APSEC 2006), Bangalore, India (December 2006)","DOI":"10.1109\/APSEC.2006.51"},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"Hanna, S., Munro, M.: An approach for specification-based test case generation for web services. In: Proc. of the IEEE\/ACS International Conference on Computer Systems and Applications (AICCSA 2007), Amman, Jordan (May 2007)","DOI":"10.1109\/AICCSA.2007.370859"},{"key":"6_CR23","unstructured":"Hashizume, K., Fernandez, E., Huang, S.: The ws-security pattern. In: Proc. of the First IEEE International Workshop on Security Engineering Environments (IWSEE 2009), Shanghai, China (December 2009)"},{"key":"6_CR24","unstructured":"Heckel, R., Lohmann, M.: Towards contract-based testing of web services. In: Proc. of the International Workshop on Test and Analysis of Component Based Systems (TACoS 2004), Barcelona, Spain (March 2004)"},{"key":"6_CR25","doi-asserted-by":"crossref","unstructured":"Herrmann, D.: Using the Common Criteria for IT security evaluation. Auerbach Publications (2002)","DOI":"10.1201\/9781420031423"},{"key":"6_CR26","unstructured":"IBM, Microsoft: Security in a Web Services World: A Proposed Architecture and Roadmap (April 2002), http:\/\/www.ibm.com\/developerworks\/library\/specification\/ws-secmap\/"},{"issue":"4","key":"6_CR27","first-page":"185","volume":"24","author":"M. Jensen","year":"2009","unstructured":"Jensen, M., Gruschka, N., Herkenh\u00f6ner, R.: A survey of attacks on Web services. Computer Science - R&D\u00a024(4), 185\u2013197 (2009)","journal-title":"Computer Science - R&D"},{"key":"6_CR28","doi-asserted-by":"crossref","unstructured":"Jokhio, M., Dobbie, G., Sun, J.: Towards specification based testing for semantic web services. In: Proc. of the 20th Australian Software Engineering Conference (ASWEC 2009), Gold Coast, Australia (April 2009)","DOI":"10.1109\/ASWEC.2009.38"},{"key":"6_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/11754008_7","volume-title":"Testing of Communicating Systems","author":"C. Keum","year":"2006","unstructured":"Keum, C., Kang, S., Ko, I.-Y., Baik, J., Choi, Y.-I.: Generating Test Cases for Web Services Using Extended Finite State Machine. In: Uyar, M.\u00dc., Duale, A.Y., Fecko, M.A. (eds.) TestCom 2006. LNCS, vol.\u00a03964, pp. 103\u2013117. Springer, Heidelberg (2006)"},{"key":"6_CR30","doi-asserted-by":"crossref","unstructured":"Kim, A., Luo, J., Kang, M.: Security ontology for annotating resources. In: Proc. of the 4th International Conference on Ontologies, Databases, and Applications of Semantics (ODBASE 2005), Agia Napa, Cyprus (November 2005)","DOI":"10.1007\/11575801_34"},{"key":"6_CR31","series-title":"IFIP","doi-asserted-by":"publisher","first-page":"473","DOI":"10.1007\/978-0-387-84837-2_49","volume-title":"Pervasive Collaborative Networks","author":"D. Kourtesis","year":"2008","unstructured":"Kourtesis, D., Ramollari, E., Dranidis, D., Paraskakis, I.: Discovery and selection of certified web services through registry-based testing and verification. In: Camarinha-Matos, L., Picard, W. (eds.) Pervasive Collaborative Networks. IFIP, vol.\u00a0283, pp. 473\u2013482. Springer, Boston (2008)"},{"key":"6_CR32","doi-asserted-by":"crossref","unstructured":"Mao, C.: Towards a hierarchical testing and evaluation strategy for web services system. In: Proc. of the 7th ACIS International Conference on Software Engineering Research, Management and Applications (SERA 2009), Haikou, China (December 2009)","DOI":"10.1109\/SERA.2009.27"},{"key":"6_CR33","unstructured":"Microsoft: Web Service Security: Scenarios, Patterns, and Implementation Guidance for Web Services Enhancements (WSE) 3.0 (December 2005), http:\/\/msdn.microsoft.com\/en-us\/library\/aa480545.aspx"},{"key":"6_CR34","unstructured":"Microsoft: Web Services Security Specifications (October 2007), http:\/\/msdn.microsoft.com\/en-us\/library\/ms951273.aspx"},{"key":"6_CR35","unstructured":"Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H.: WS-SecureConversation 1.3. OASIS (March 2007), http:\/\/docs.oasis-open.org\/ws-sx\/ws-secureconversation\/200512\/ws-secureconversation-1.3-os.html"},{"key":"6_CR36","unstructured":"Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H.: WS-SecurityPolicy 1.2. OASIS (July 2007), http:\/\/docs.oasis-open.org\/ws-sx\/ws-securitypolicy\/200702\/ws-securitypolicy-1.2-spec-os.html"},{"key":"6_CR37","unstructured":"Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H.: WS-Trust 1.3. OASIS (March 2007), http:\/\/docs.oasis-open.org\/ws-sx\/ws-trust\/200512\/ws-trust-1.3-os.html"},{"key":"6_CR38","unstructured":"Newcomer, E.: Understanding Web Services: XML, WSDL, SOAP, and UDDI. Addison Wesley (2002)"},{"issue":"1","key":"6_CR39","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1023\/A:1022308532661","volume":"6","author":"M. Papazoglou","year":"2003","unstructured":"Papazoglou, M.: Web services and business transactions. World Wide Web\u00a06(1), 49\u201391 (2003)","journal-title":"World Wide Web"},{"key":"6_CR40","doi-asserted-by":"crossref","unstructured":"Rahaman, M.A., Schaad, A., Rits, M.: Towards secure SOAP message exchange in a SOA. In: Proc. of the 3rd ACM Workshop On Secure Web Services (SWS 2006), Alexandria, VA, USA (November 2006)","DOI":"10.1145\/1180367.1180382"},{"key":"6_CR41","unstructured":"Salva, S., Rabhi, I.: Automatic web service robustness testing from WSDL descriptions. In: Proc. of the 12th European Workshop on Dependable Computing (EWDC 2009), Toulouse, France (May 2009)"},{"key":"6_CR42","unstructured":"Securing Web services for army SOA, http:\/\/www.sei.cmu.edu\/solutions\/softwaredev\/securing-web-services.cfm"},{"key":"6_CR43","doi-asserted-by":"crossref","unstructured":"Sinha, S., Benameur, A.: A formal solution to rewriting attacks on SOAP messages. In: Proc. of the 5th ACM Workshop On Secure Web Services (SWS 2008), Alexandria, VA, USA (October 2008)","DOI":"10.1145\/1456492.1456501"},{"key":"6_CR44","unstructured":"Tsai, W., Paul, R., Cao, Z., Yu, L., Saimi, A., Xiao, B.: Verification of Web services using an enhanced UDDI server. In: Proc. of the 8th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems (WORDS 2003), Guadalajara, Mexico (January 2003)"},{"key":"6_CR45","unstructured":"Tsai, W., Paul, R., Yamin, W., Chun, F., Dong, W.: Extending WSDL to facilitate web services testing. In: Proc. of the 7th IEEE International Symposium on High Assurance Systems Engineering, Tokyo, Japan (October 2002)"},{"key":"6_CR46","unstructured":"USA Department of Defence: Department Of Defense Trusted Computer System Evaluation Criteria (December 1985), http:\/\/csrc.nist.gov\/publications\/secpubs\/rainbow\/std001.txt"},{"key":"6_CR47","doi-asserted-by":"crossref","unstructured":"Xu, W., Venkatakrishnan, V., Sekar, R., Ramakrishnan, I.: A framework for building privacy-conscious composite Web services. In: Proc. of the 2006 IEEE International Conference on Web Services (ICWS 2006), Chicago, IL, USA (September 2006)","DOI":"10.1109\/ICWS.2006.4"}],"container-title":["Lecture Notes in Computer Science","Business System Management and Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-32439-0_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,12]],"date-time":"2020-07-12T10:30:22Z","timestamp":1594549822000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-32439-0_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642324383","9783642324390"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-32439-0_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}