Security for Web Services and Service-Oriented Architectures

  • Elisa Bertino
  • Lorenzo Martino
  • Federica Paci
  • Anna Squicciarini

Table of contents

  1. Front Matter
    Pages i-xii
  2. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 1-8
  3. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 9-23
  4. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 25-44
  5. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 45-77
  6. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 79-114
  7. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 115-146
  8. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 147-157
  9. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 159-177
  10. Elisa Bertino, Lorenzo D. Martino, Federica Paci, Anna C. Squicciarini
    Pages 179-195
  11. Back Matter
    Pages 197-226

About this book

Introduction

Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms.

Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability.

This book will serve practitioners as a comprehensive critical reference on Web service standards, with illustrative examples and analyses of critical issues; researchers will use it as a state-of-the-art overview of ongoing research and innovative new directions; and graduate students will use it as a textbook on advanced topics in computer and system security.

Keywords

Access Control BPEL Information Security SAML SOA Service-Oriented Architecture WSDL Web Services Workflow XML identity management language organization security standards

Authors and affiliations

  • Elisa Bertino
    • 1
  • Lorenzo Martino
    • 2
  • Federica Paci
    • 3
  • Anna Squicciarini
    • 4
  1. 1.CERIAS, Dept. Computer SciencesPurdue UniversityWest LafayetteUSA
  2. 2.Dept. Computer &, Information Technology (ICT)Purdue UniversityWest LafayetteUSA
  3. 3.Dipto. Informatica e ComunicazioneUniversità Milano-BicoccaMilanoItaly
  4. 4.CERIAS, Dept. Computer SciencesPurdue UniversityWest LafayetteUSA

Bibliographic information

  • DOI https://doi.org/10.1007/978-3-540-87742-4
  • Copyright Information Springer-Verlag Berlin Heidelberg 2010
  • Publisher Name Springer, Berlin, Heidelberg
  • eBook Packages Computer Science
  • Print ISBN 978-3-540-87741-7
  • Online ISBN 978-3-540-87742-4
  • About this book