Smart Security Assessment of Composed Web Services

As more and more organizations use Service-Oriented Architecture (SOA) to design and implement their information systems the systems' architects also need more intelligent and reliable tools. The complexity, modularity, and heterogeneity of the information systems make the security evaluation a difficult process. In this work, we propose a method for the assesment and optimization of a security level of composed web services, assuming layered security architecture and the multi-agent approach. As the security evaluation requires the precise definition of the set of evaluation criteria, the basic criteria for each functional layer of SOA have been presented. An information fusion scheme, based on subjective logic formalism, was proposed to gather information coming from different layers and agents.