Security-aware service composition for end users of small enterprises

Abstract

This paper focuses on the service composition based on security properties of services from an end user perspective. End users are usually not expert in computer security, but expert users of computer software. They typically either own or work for small and medium enterprises (SMEs). The proposed framework attempts to demonstrate that end users of small enterprises can compose a service based application based on the security profiles of software services. The paper argues that the security concerns of various stakeholders of services should be specified differently. The paper envisions a framework with which end users could select services consistent with their preferred security features suitable for their businesses. With the same token, consumers of such applications can easily understand the security profile of services in order to make a B2B transaction. This will provide end users more power to force the service developer to offer better security-aware services. The main contribution of this paper is a framework on which further work could be initiated.