Systematic Composition of Web-based Applications with Focus on Security
Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services
With increasing complexity of web-based applications, traditional engineering from scratch becomes an effortful matter with security aspects difficult to oversee. By composing applications from reusable building blocks, component-based web engineering approaches promise to reduce time to market while providing flexibility to changing conditions. Yet, they face a trade off between developing software in an agile fashion and establishing a solid security foundation.
To mitigate risks of successful attacks, web engineers must however ensure security during the entire lifetime of web- based applications. This paper therefore presents WAM++ which combines well with existing methodology and assists engineers in designing web-based applications with a strong emphasis on security. Based on the theoretical foundation from prior work, we introduce a vocabulary to describe both the architecture of web-based applications and involved services. Furthermore, we support engineers by an online dia- graming tool and showcase a prototypical implementation of WAM++ in an existing identity management platform.
Scholtz, Anna; Wild, Stefan; Gaedke, Martin: Systematic Composition of Web-based Applications with Focus on Security. Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services, pp. 637-641, 2015.