Title :
Design and Implementation of a Rule-based Security Engine for XML Web Services
Author :
Vasudevan, Priya ; Yang, Lan
Author_Institution :
Comput. Sci. Dept., California State Polytech. Univ., Pomona, CA
Abstract :
Web services are software systems that enable applications serving various functions through the Web. Extensible markup language (XML) is used in the integration of applications which makes data sharing and communication within applications easier and uniform. Security is an important aspect of Web services. Securing XML data is critical to the success of any Web based applications or Web services. In this research work we have designed and implemented a single-point rule-based security engine for Apache Axis. Apache Axis is an open source Web services development and deployment platform. By doing this we reuse the same security engine for more than one Web service so that applications need not to implement separate security logic. The security engine provides support for authentication, authorization, decryption and signature verification. A test application is also implemented to validate the design and implementation of the rule-based security engine
Keywords :
Internet; XML; formal verification; public domain software; security of data; Apache Axis; XML; authentication; authorization; data sharing; decryption; design validation; extensible markup language; open source Web services development; rule-based security engine; signature verification; Application software; Authentication; Authorization; Communication system security; Data security; Engines; Logic; Software systems; Web services; XML;
Conference_Titel :
Software Engineering Research, Management and Applications, 2006. Fourth International Conference on
Conference_Location :
Seattle, WA
Print_ISBN :
0-7695-2656-X
DOI :
10.1109/SERA.2006.25
