Security Protocols in Service-Oriented Architecture

This paper proposes a comprehensive Quality of Security Service (QoSS) model for addressing security within a Service-Oriented Architecture (SOA). We define a detailed SOA security model that supports and incorporates a number of networking security techniques and protocols. The model uses symmetric-key, public-key and hash-function techniques to provide different levels of QoSS agreements that satisfy the requirements of both service providers and service requesters. These levels are based on core networking security requirements such as Mutual Authentication, Session Keys, Anonymity, and Perfect Forward Secrecy. In addition, the proposed model forms a strong line of defense against Replay, Man-in-the-Middle, and Denial-of-Service attacks.