Web Services have been widely adopted in business projects, and almost all Web Service developers agree that security factors are the principal components that must be taken into consideration. A large number of security metrics and measurements is available for specific business needs, and the best practice for different business demands is therefore needed if the quality of service security metrics (Qos-SM) is to be developed. This research proposes a new way of developing Qos-SM using Qos ontology mapping with two information system standards, COBIT and ITIL, as a result of which new Qos-SM are developed. In order to prove the correctness and precision of the metrics, the researchers have used the metrics to measure the level of security quality from Web service data sets. The experimental results, based on vector analysis, show that the same level of security quality is attained with both of the metrics developed and the metrics from previous research. This research also represents the metrics in the form of a class diagram, thus facilitating its application in the organization.

quality of service, ITIL, COBIT, security metrics and measurement, security for web service