Managing Web Services Security
نویسندگان
چکیده
The promising features of Web services also make them vulnerable to new types of security threats. Web service providers must assure their clients’ confidentiality, integrity and availability over a trusted relationship that may be asynchronous and that may involve multiple business partners. Despite the continued significance of the traditional approaches to securing content, transmission and connection in a Web-based business environment, including Secure Socket Layer, Virtual Private Networks, Internet Protocol Security, and so on, they are not able to address the new challenges posed by Web services. This paper aims to provide insight into the management of Web services security. We first introduce key concepts and reviews state-of-the-art standards for Web services security. Then, by aligning the Web services security standards with security threats, we provide guidance for the practical implementation of Web services security. Finally, we point out some limitations in the current practice and suggest future directions of securing Web services.
منابع مشابه
Security Analysis for Web ServicesCompositions
As more organizations adopt Web services for increasingly sensitive, mission-critical data the potential impact of breaches of Web services increases both for individuals and organizations. Increasing impacts can result in a worsening of the risk environment for all parties. Web services security and auditing is therefore an important concern. The current trend toward representing Web services ...
متن کاملImage flip CAPTCHA
The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...
متن کاملSecurity architecture for virtual organizations of business web services
Virtual Organizations (VO) temporarily aggregate resources of different domains to achieve a common goal. Web services are being positioned as the technological framework for achieving this aggregation in the context of cross-organizational business applications. Numerous architectures have been proposed for securing VOs, mostly for scientific research, such that they do not address all the req...
متن کاملRunning head: Policies for Web Security Services Policies for Web Security Services
This chapter analyzes the various types of policies implemented by the web security services. According to X.800 definition five are the basic web security services categories: authentication, non-repudiation, access control, data integrity and data confidentiality. In this chapter we discuss access control and data privacy services. Access control services may adopt various models according to...
متن کاملQoS-Based web service composition based on genetic algorithm
Quality of service (QoS) is an important issue in the design and management of web service composition. QoS in web services consists of various non-functional factors, such as execution cost, execution time, availability, successful execution rate, and security. In recent years, the number of available web services has proliferated, and then offered the same services increasingly. The same web ...
متن کامل