A Security Architecture for Web Services
نویسندگان
چکیده
Web services are quickly becoming the most popular tool for distributed computing. Due to this popularity a comprehensive security architecture is needed. In this paper we introduced such a comprehensive architecture that includesin addition to the standard services of integrity and confidentialityauthentication, authorization and a defense against denial of service attacks. This model builds on existing standards such as SOAP, WSS and XACML. A detailed implementation with performance evaluation using the open source Apache tools is also discussed.
منابع مشابه
Towards a Process for Web Services Security
Web Services (WS) security has undergone an enormous development, as carried out by the major organizations and consortiums of the industry over the last few years. This has brought about the appearance of a huge number of WS security standards. Such a fact has made organizations remain reticent about adopting technologies based on this paradigm, due to the learning curve which is inevitable in...
متن کاملA Requirement for a XML Web Services Security Architecture
Lately, XML Web Services are emerging as a dominant platform in the computing world. At the moment, the web has evolved into an active medium for providers and consumers of services. One of the major problems for XML Web Services is the related with security. The paper describes a comprehensive XML Web Services Management Architecture that supports, integrates and unifies several security model...
متن کاملArchitectural Plan for Constructing Fault Tolerable Workflow Engines Based on Grid Service
In this paper the design and implementation of fault tolerable architecture for scientific workflow engines is presented. The engines are assumed to be implemented as composite web services. Current architectures for workflow engines do not make any considerations for substituting faulty web services with correct ones at run time. The difficulty is to rollback the execution state of the workflo...
متن کاملArchitectural Plan for Constructing Fault Tolerable Workflow Engines Based on Grid Service
In this paper the design and implementation of fault tolerable architecture for scientific workflow engines is presented. The engines are assumed to be implemented as composite web services. Current architectures for workflow engines do not make any considerations for substituting faulty web services with correct ones at run time. The difficulty is to rollback the execution state of the workflo...
متن کاملImage flip CAPTCHA
The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...
متن کاملResearch and Design Issues in Access Control for Network Services on the Web
The service oriented architecture (SOA) is gaining more momentum with the advent of network services on the Web. A programmable and machine accessible Web is the vision of many, and might represent a step towards the semantic Web. However, security is a crucial requirement for the serious usage and adoption of Web services technology. This paper reviews existing work related to Web service secu...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011