International Journal of Network Security & Its Applications (IJNSA), Vol.1, No.3, October 2009
A SECURITY FRAMEWORK FOR SOA APPLICATIONS IN MOBILE ENVIRONMENT Johnneth Fonseca, Zair Abdelouahab, Denivaldo Lopes and Sofiane Labidi Federal University of Maranhão, CCET/DEEE Av. Dos portugueses, Campus do Bacanga, São Luis – MA 65080-040 johnneth.sfonseca@gmail.com, zair@dee.ufma.br, denivaldo.lopes@gmail.com, labidi@uol.com.br
ABSTRACT A Rapid evolution of mobile technologies has led to the development of more sophisticated mobile devices with better storage, processing and transmission power. These factors enable support to many types of application but also give rise to a necessity to find a model of service development. Actually, SOA (Service Oriented Architecture) is a good option to support application development. This paper presents a framework that allows the development of SOA based application in mobile environment. The objective of the framework is to give developers with tools for provision of services in this environment with the necessary security characteristics.
KEYWORDS SOA, Security, Framework, Mobile devices
1. INTRODUCTION Over the last years there is a great improvement of capabilities of mobile device, both in its storage capacity and in processing power. This has enabled a wider acceptance of these devices which now offer a variety of applications to users. In addition, new communication technologies allow these devices to access the Internet more efficiently and to communicate with each other. Actually, it is possible to develop and install in these equipments other applications and services beyond those already coming from the factory. These types of applications may act as service consumers or/and service providers. Thus, there is a need to use a pattern of development that allows developers to create and provide its services more quickly and efficiently. ServiceOriented Architecture (SOA) has emerged as a solution to this type of necessity [13][14][17]. The aim of this paper is to describe a framework to the development of SOA based applications in mobile environment drawing the complexity of their development, with mechanisms to perform all necessary functions for provision of services, such as describing services, carry messages from the parser with specific format, creating a channel of communication to receive and send messages. With this framework, services may be associated with security properties such as cryptography, digital signatures. This paper is structured of the following form. The first section presents the aim and motivations of the work. The second section describes the SOA architecture and its main components. The third section describes the necessary services in mobile environment. The fourth section shows the mains problems related to security in the mobile environment. The fifth section describes the proposed architecture and the sixth section shows some work related to the
90