Web services are increasingly being provided and consumed in and between cloud environments. Learn how to leverage various interoperable standards to address security challenges in a cloud or ...distributed Web services architecture.
With the rapid development of web services, message security of web services between heterogeneous platforms is increasingly prominent. As two popular web services platforms, Apache Axis2 and ...Microsoft .Net, have their own security module respectively (Rampart, WSE). Due to differences in platform security mechanisms, it is difficult to build a secure web services communications between different platforms. This paper firstly introduces the Apache Axis2 and. Net platforms, and then analyzes their differences of security mechanism on these two platforms. Finally, followed by a typical secure case, a series of steps are designed and tested in order to realize secure web service invocation on heterogeneous platforms.
In this article, we describe a possible model of secure e/m-government system based on secure JAVA mobile application and SOA-Based e/m-government platform. The proposed model consists of additional ...external entities/servers, such as: PKI, XKMS, STS, UDDI and Time Stamping Authority. The main parts of the proposed model are secure JAVA mobile application and secure Web Service implemented on the SOA-based platform capable to connect mobile and desktop applications. One example of the mobile government online services is particularly emphasized: sending m-residence certificate request and obtaining the m-residence electronic document (m-residence certificate) as a municipality's response.
A survey of attacks on web services Jensen, Meiko; Gruschka, Nils; Herkenhöner, Ralph
Computer Science - Research and Development,
11/2009, Letnik:
24, Številka:
4
Journal Article
Being regarded as the new paradigm for Internet communication, Web Services have introduced a large number of new standards and technologies. Though founding on decades of networking experience, Web ...Services are not more resistant to security attacks than other open network systems. Quite the opposite is true: Web Services are exposed to attacks well-known from common Internet protocols and additionally to new kinds of attacks targeting Web Services in particular. Along with their severe impact, most of these attacks can be performed with minimum effort from the attacker’s side.
This article gives a survey of vulnerabilities in the context of Web Services. As a proof of the practical relevance of the threats, exemplary attacks on widespread Web Service implementations were performed. Further, general countermeasures for prevention and mitigation of such attacks are discussed.
Current Web services architectures are confronted with a few stubborn problems, and the security problem becomes one of the bottlenecks that restrict the extensive application of Web service. After ...compared transport level with message level security, the limitation of transport level security became clearly. And then on the basis of the analysis message level security, especially WS-Security, XML security protocol was adopted to guarantee message level security. Because WS-Security is a new protocol jointly developed by Microsoft and IBM among these XML security protocols, and a security-token mechanism of WS-Security mechanism was improved, added a table with security-token types. And a new model consisting of multiple security-token is put forward to guarantee the security of message transmission.
Synthesis of secure adaptors Martín, J.A.; Martinelli, F.; Pimentel, E.
The journal of logic and algebraic programming,
02/2012, Letnik:
81, Številka:
2
Journal Article
Contracts for security adaptation Martín, J.A.; Pimentel, E.
The journal of logic and algebraic programming,
04/2011, Letnik:
80, Številka:
3-5
Journal Article