Improving Web Services Security Models

Web services are considered one of the main technologies which emerged in recent years, they provide an application integration technology that allows business applications to communicate and cooperate over the Internet. Webservices encouraged existent architectures to adopt as one of the most important technologies; Portals, providing contentaggregation from various web services sources for providing useful information to users. The distributed sources of webservices aggregated into usersʹ pages provide a component model architecture, which allows the plugging of components ininfrastructure, which are referred to as portlets. This paper defines effective models for securing portlet contents by definingan access control list for each portlet, which will looks into the access control of web services, and authentication of webservices consumers. In addition, this paper introduces a design for trusted authority that will be responsible for fair contractexchange between portlet producers and consumer; thus, defining a single sign-on model, which is responsible forauthenticating remote portlets requests