Open Access Open Access  Restricted Access Subscription Access

XML Encryption and Signature for Securing Web Services


Affiliations
1 Computer Science department, College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia
 

In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure their information. Web Services security could be guaranteed by employing security standards, which is the main focus of this search. Every suggested model related to security design should put in the account the securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The proposed model describes SOAP messages and the way to secure their contents. Due to the reason that SOAP message is the core of the exchanging information in Web Services, this research has developed a security model needed to ensure e-business security. The essence of our model depends on XML encryption and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a high speed of transaction and a strong level of security without jeopardizing the performance of transmission information.

Keywords

Web Services, SOAP, SAML, XKMS, IDEA, RSA.
User
Notifications
Font Size

  • Minder Chen, Andrew N. K. Chen, Benjamin B. M. Shao, "The Implications and Impacts of Web Services to Electronic Commerce Research and Practices" , Journal of Electronic Commerce Research, VOL. 4, NO. 4, pp. 128-129, 2003.
  • N. A. Nordbotten, "XML and Web Services Security Standards," Communications Surveys & Tutorials, IEEE, vol. 11 ,pp. 4-21, 2009.
  • Iehab Alrassan , Maha Alrashed , " Enhancing Web Services Security in e-business " , The International Journal of Soft Computing and Software Engineering [JSCSE], vol. 3 , pp. 502-506 , 2013
  • Gu Yue-sheng, Zhang Bao-jian, Xu Wu , "Research and Realization of Web Services Security Based on XML Signature" , International Conference on Networking and Digital Society, 2009, pp. 116-118.
  • Nils Agne Nordbotten, "XML and Web Services Security Standards" , IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 3, THIRD QUARTER 2009
  • F. Prevention and P. Technologies, “XML Signature / Encryption —,” vol. 2, no. 1, pp. 35–39, 2002.
  • E. Bertino and E. Ferrari, “Secure and selective dissemination of XML documents,” ACM Trans. Inf. Syst. Secur., vol. 5, no. 3, pp. 290–331, 2002.
  • T. Imamura and A. Clark, “A Stream-based Implementation of XML Encryption,” Architecture, pp. 11–17, 2002.
  • Heather Kreger, “Web Services Conceptual Architecture”, IBM, May 2001.
  • M. Humphrey, M. R. Thompson, and K. R. Jackson, “Security for Grids,” Proc. IEEE, vol. 93, no. 3, pp. 644–652, 2005.
  • F. Leymann, D. Roller and M. Schmidt, 'Web services and business process management', IBM Syst. J., vol. 41, no. 2, pp. 198-211, 2012.
  • Web Services Security', Network Security, vol. 2003, no. 5, pp. 14-16, 2003.
  • M. Chen, “Factors affecting the adoption and diffusion of XML and web services standards for e-business systems,” International Journal of Human-Computer Studies, vol. 58, no. 3, pp. 259–279, 2013.
  • Web Services Security', Network Security, vol. 2003, no. 5, pp. 14-16, 2003.
  • B. Kaliski, “The Mathematics of the RSA Public-Key Cryptosystem,” 1989.
  • Chen, D. Xue and X. Lai, 'An analysis of international data encryption algorithm(IDEA) security against differential cryptanalysis', Wuhan University Journal of Natural Sciences, vol. 13, no. 6, pp. 697-701, 2008.
  • C. Sireesha , G. Jyostna , P. Varan , and P. Eswari "PROP - Patronage of PHP Web Applications ", International Journal of Computer Science & Information Technology (IJCSIT) Vol 7, No 2, April 2015

Abstract Views: 295

PDF Views: 153




  • XML Encryption and Signature for Securing Web Services

Abstract Views: 295  |  PDF Views: 153

Authors

Iehab AL Rassan
Computer Science department, College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia

Abstract


In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure their information. Web Services security could be guaranteed by employing security standards, which is the main focus of this search. Every suggested model related to security design should put in the account the securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The proposed model describes SOAP messages and the way to secure their contents. Due to the reason that SOAP message is the core of the exchanging information in Web Services, this research has developed a security model needed to ensure e-business security. The essence of our model depends on XML encryption and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a high speed of transaction and a strong level of security without jeopardizing the performance of transmission information.

Keywords


Web Services, SOAP, SAML, XKMS, IDEA, RSA.

References