Keywords: SOA, service oriented architecture, security metrics, attach graphs, attack models, service availability, resource consumption, performance attacks, functional attacks, intrusion detection
Model for evaluation of SOA security metrics using attack graphs
In the paper, a proposal of risk assessment for service oriented architecture (SOA) is given. The proposal is based on service availability metrics that is a probability that the service is available. Foundations for calculating this probability by simulation using attack graphs are given. The attack graph is a representation of actions that end in a state where an intruder achieved his/her goal. Resource consumption, in terms of host-processing time, bandwidth of physical connections utilisation are the new features of an atomic attack given in this paper. Taking into account, resources engaged during attacks have been divided into: resources charging attacks (performance attacks) and non-resources charging attacks (functional attacks). The attack graphs of the second type attacks are similar to the graph attacks presented in literature. The attack graphs of the first attack type are new. A model of intrusion detection system is also given.