The focus of this paper is developing ontologies that can be used to annotate web services represented by DAML-S. We propose several security-related ontologies that are designed to represent security standards such as XML Signatures in terms of their characteristics like credentials, mechanisms supported, notations used, etc. These ontologies are used to describe security properties of web ser...

------------------------------------------------------------------------ABSTRACT-------------------------------------------------------------------Most of the applications now -a-days are developed web based. The applications of public access are highly exposed to security threats. The increasing number of web based attacks which result in loss of data and unauthorized access to application has...

The world is rapidly adopting RESTful web services for most of its tasks. The once popular SOAP-based web services are fast losing ground owing to this. RESTful web services are light weight services without strict message formats. RESTful web services, unlike SOAP, are capable of message transfer in any format be it XML, JSON, plain-text. However, in spite of these positives, ensuring message ...

On a regular basis, we learn about well-known online services that have been misused or compromised by data theft. As insecure applications pose a threat to the users’ privacy as well as to the image of companies and organizations, it is absolutely essential to adequately secure them from the start of the development process. Often, reasons for vulnerable applications are related to the insuffi...

Security testing is a software testing discipline that aims to verify that the functionality of the software is resistant to attacks and data processed by the software is protected. To establish common requirements that the software must ful ll, software security standards are published. This thesis aims to describe and apply a process necessary to verify the security of a web application. A ch...

Widely used in development of web services, Scrum contributes to agile service development, reducing the Time To Market (TTM) and increasing the profit to service providers. Caring for dynamic requirement changes and incremental development of web services are other advantages of employing Scrum for development of web services. However there are several problems with this methodology limiting i...

Information is the most valuable asset for organizations. One of the goals of organizations is to share their data and at the same time to enforce their policies. Web database is a combined production with database technology and Web technology. Web database is placed on the Internet, there are many security problems. The secrecy and the integrity are two important demands of security system. W...

Dependability is an important characteristic that a trustworthy computer system should have. It is a measure of Availability, Reliability, Maintainability, Safety and Security. The focus of our research is on security of web services. Web services enable the composition of independent services with complementary functionalities to produce value-added services, which allows organizations to impl...

Web service specifications (WS*) have been designed with the aim of being composable to provide a rich set of tools for secure, reliable, and/or transacted web services. Due to the flexibility of SOAP-level security [1] mechanisms, web services may be vulnerable to a distinct class of attacks based on the malicious interception, manipulation, and transmission of SOAP messages, which are referre...

Security Analysis and Improvement Model for Web-based Applications. (December 2008) Yong Wang, B.S.; M.S., Anhui Agricultural University, China; M.S., Texas A&M University Co-Chairs of Advisory Committee: Dr. William M. Lively Dr. Dick B. Simmons Today the web has become a major conduit for information. As the World Wide Web’s popularity continues to increase, information security on the web ha...