Security Considerations In A Global Message Service Handler Design

Web services are generally accepted as the most interoperable application interface today on the Web. In the context of a global electronic marketplace this is an essential factor. In keeping with Services-Oriented Architecture trends, a Web service-based Message Service Handler can provide a global service to all participants in the global marketplace. The main objective of this research is to design a Web service to provide Message Handler Services, using ebXML as the point-of-departure. The focus of this paper is to arrive at a set of pre-specified security standards to promote the goal of interoperability, explaining, with justification, which security mechanisms should be used within the proposed Web service model. The Web service will send messages using the SOAP with Attachments architecture. The use of XML signatures and XML encryption within this SOAP envelope is advised to ensure integrity, authentication and confidentiality. When the actual SOAP envelope is transmitted over the Internet, it will be wrapped within an IPSec packet to ensure further security.