A Gateway to Web Services Security - Securing SOAP with Proxies

نویسنده

Gerald Brose

چکیده

Integrating applications and resources using Web Services increases the exposure of critical resources. Consequently, the introduction of Web Services requires that additional effort be spent on assessing the corresponding risks and establishing appropriate security mechanisms. This paper explains the main challenges for securing Web Services and summarizes emerging standards. The most important of these, WS-Security, defines a message-based security model for SOAP that is suitable for achieving end-to-end security in environments with multiple trust domains. We propose one particular, gateway-based approach to implementing Web Services security, and compare it to other approaches.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Securing Web Services with SOAP Security Proxies

Although in principle independent of any particular messaging protocol, Web Services are primarily accessed using SOAP over HTTP in practice. As SOAP provides no message security at all, other ways of securing messages are necessary. This paper summarizes the most important security model for SOAP, WS-Security, and its related specifications. We explore the advantages of one particular approach...

متن کامل

A Security Gateway for Message exchange in Services by Streaming and Validation

Cloud Computing is found to be today’s most commonly used Service Oriented Architecture (SOA) implementation. Cloud services are exposed as Web Services which follow the industry standards such as WSDL for service description, SOAP for enabling request and response and so on. Hence Web services security is of particular importance for the security assessment of cloud systems. Securing SOAP mess...

متن کامل

HTTPI Based Web Service Security over SOAP

Now a days, a new family of web applications 'open applications’, are emerging (e.g., Social Networking, News and Blogging). Generally, these open applications are non-confidential. The security needs of these applications are only client/server authentication and data integrity. For securing these open applications, effectively and efficiently, HTTPI, a new transport protocol is proposed, whic...

متن کامل

Seamlessly Securing Web Services by a Signing Proxy

Web services offer a way for very different systems to collaborate independent of the programming language used or the involved operating systems. Their basis is the XML-based SOAP protocol, which can be used over any protocol that is able to transport a byte stream. Due to the fact that Web services do not depend on any operating system and there is no burden of a underlying paradigm, they are...

متن کامل

Policy-driven and Content-based Web Services Security Gateway

Web Services are widely used to provide services and exchange data among business units, customers, partners and suppliers for enterprises. Although Web Services significantly improve the interaction and development of processes in the business world, they raise several security concerns, since they greatly increase the exposure of critical enterprise data. Web Services exchange data using SOAP...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2003

A Gateway to Web Services Security - Securing SOAP with Proxies

نویسنده

چکیده

منابع مشابه

Securing Web Services with SOAP Security Proxies

A Security Gateway for Message exchange in Services by Streaming and Validation

HTTPI Based Web Service Security over SOAP

Seamlessly Securing Web Services by a Signing Proxy

Policy-driven and Content-based Web Services Security Gateway

عنوان ژورنال:

اشتراک گذاری