Research Article Open Access

SSOAM: Automated Security Testing Framework for SOA Middleware in Banking Domain

Mustafa Al-Fayoumi1, Ruba Haj Hamad2 and Jaafer Al-Saraireh1
  • 1 Princess Sumaya University for Technology, Jordan
  • 2 University for Technology, Jordan

Abstract

In the banking domain, a high level of security must be considered and achieved to prevent a core-banking system from vulnerabilities and attackers. This is especially true when implementing Service Oriented Architecture Middleware (SOAM), which enables all banking e-services to be connected in a unified way and then allows banking e-services to transmit and share information using simple Object Access Protocol (SOAP). The main challenge in this research is that SOAP is designed without security in mind and there are no security testing tools that guarantee a secure SOAM solution in all its layers. Thus, this paper studies and analyzes the importance of implementing secure banking SOAM design architecture and of having an automated security testing framework. Therefore, Secure SOAM (SSOAM) is proposed, which works in parallel with the banking production environment. SSOAM contains a group of integrated security plugins that are responsible for scanning, finding, analyzing and fixing vulnerabilities and also forecasting new vulnerabilities and attacks in all banking SOAM layers.

Journal of Computer Science
Volume 14 No. 7, 2018, 957-968

DOI: https://doi.org/10.3844/jcssp.2018.957.968

Submitted On: 4 February 2018 Published On: 16 July 2018

How to Cite: Al-Fayoumi, M., Hamad, R. H. & Al-Saraireh, J. (2018). SSOAM: Automated Security Testing Framework for SOA Middleware in Banking Domain. Journal of Computer Science, 14(7), 957-968. https://doi.org/10.3844/jcssp.2018.957.968

  • 3,726 Views
  • 2,220 Downloads
  • 1 Citations

Download

Keywords

  • SOA Middleware
  • BPEL
  • Automation Security Testing Framework
  • Orchestrated Business Process
  • SOAP Protocol
  • Secure Banking Architecture