Algorithm Exchange of a Security Control System for Web Services Applications

It has been determined that the complexity of Internet infrastructures, such as in a distributed system (Web services), can conceal the potential risks of attacks, and subsequently become disadvantageous to Internet users, applications and institutions. We have considered that a better way to cope with such problems can be achieved through utilisation of a systems approach, rather than an analytical approach. In this article the development architecture will be described, and the implementation results of algorithm exchange as part of the TTSN architecture (the project that is currently being undertaken) will be presented. Since Web services applications perform XML-based transactions, which are very vulnerable against an interception, algorithm exchange is a superior alternative than key exchange, the currently common strategy to protect confidentiality, integrity and authentication of data. The reason why key exchange is no longer appropriate for the current Internet technologies will also be discussed.