A new secure token for enhancing Web Service Security

This paper proposes a new secure token for improving the existing Web Service Security standards which provide message integrity and message confidentiality. Service Oriented Architecture (SOA) is widely adopted and most of them use Web Services implemented using a Simple Object Access Protocol (SOAP), an XML document or message exchanges between sender and receiver using HTTP protocol. Security is critical because the message is transferred around a public network, the Internet. Whilst current Web Service Security Standards protect the message; the location of the message sender is not authenticated, this can be provided using the proposed token.

[1]  Raymond A. Paul,et al.  Architecture classification for SOA-based applications , 2006, Ninth IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC'06).

[2]  John Zic,et al.  Performance Evaluation and Modeling of Web Services Security , 2007, IEEE International Conference on Web Services (ICWS 2007).

[3]  Chris Chatwin,et al.  An SOA-based diseases notification system , 2009, 2009 7th International Conference on Information, Communications and Signal Processing (ICICS).

[4]  Bo Yan,et al.  Evaluation and Modeling of Web Services Performance , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[5]  Namho Yoo A SOA-Based Vulnerability System Engineering for E-Government Solution , 2008, 2008 19th International Conference on Systems Engineering.

[6]  Soumya Simanta,et al.  Common Misconceptions about Service-Oriented Architecture , 2007, 2007 Sixth International IEEE Conference on Commercial-off-the-Shelf (COTS)-Based Software Systems (ICCBSS'07).

[7]  Paul V. Mockapetris,et al.  Domain names - implementation and specification , 1987, RFC.

[8]  Ernesto Damiani,et al.  Web Service Security , 2011, Encyclopedia of Cryptography and Security.

[9]  Nils Agne Nordbotten,et al.  XML and Web Services Security Standards , 2009, IEEE Communications Surveys & Tutorials.

[10]  D. Eastlake,et al.  XML Encryption Syntax and Processing , 2003 .

[11]  Kaiqi Xiong,et al.  Web services performance modeling and analysis , 2006, 2006 International Symposium on High Capacity Optical Networks and Enabling Technologies.

[12]  Mark Bartel,et al.  Xml-Signature Syntax and Processing , 2000 .