TY*SecureWS: An Integrated Web Service Security Solution Based on Java
In this paper we propose an integrated XML web service security solution based on Java. The goal of the proposed solution is guaranteeing confidentiality, integrity, and non-repudiation in using web services. It provides flexibility as its security functions are implemented in security handlers instead of modifying web services engine. It also supports extensibility since it has been developed based on international standards such as WS-Security, XKMS, XML Encryption, and XML Signature specifications. The proposed solution provides clients and servers in the business to business environments with confidence and security.
Unable to display preview. Download preview PDF.
- 1.A Delphi Group, Web Services 2002: Market Milestone Report. A Delphi Group White Paper. IBM (2002)Google Scholar
- 2.Holbrook, S.: Web Services Architecture: Technical Overview of the Pieces. IBM (2002)Google Scholar
- 3.Wagner, R.: Web Services Security: New Dog, Old Tricks. In: Gartner Symposium ITXPO (2002)Google Scholar
- 4.W3C Note, SOAP: Simple Object Access Protocol 1.1 (May 2000)Google Scholar
- 5.W3C Recommendation, Canonical XML Version 1.0 (March 2001)Google Scholar
- 6.W3C Recommendation, XML Encryption Syntax and Processing (March 2002)Google Scholar
- 7.W3C Proposed Recommendation, XML Signature Syntax and Processing (August 2001)Google Scholar
- 8.W3C Note, XML Key Management Specification (XKMS) (March 2001)Google Scholar
- 9.Atkinson, B., Hada, S., Hallam-Baker, P., et al.: Web Services Security (WSSecurity) (April 2002)Google Scholar
- 10.VeriSign, Using VeriSign’s Trust Services Integration Kit with XKMS, VeriSign Inc. (March 2002)Google Scholar
- 11.VeriSign, VeriSign Digital Trust Services: Enabling Trusted Web Services (February 2002)Google Scholar
- 12.A Joint White Paper from IBM Corp. and Microsoft Corp., Security in a Web Services World: A Proposed Architecture and Roadmap (April 2002)Google Scholar