Title :
A Novel SOAP Attachment-Oriented Security Model
Author :
Cui, Xiaoling ; Li, Lei ; Wei, Jun
Author_Institution :
Inst. of Software, Chinese Acad. of Sci., Beijing
Abstract :
Security is playing an increasingly important role in nowadays business. However, at present there isn´t an effective method to secure SOAP attachments. This paper proposes a novel security model for SOAP attachments, which encrypts the attachments and provides digital signature without changing client´s and server´s implementations. In the multi-intermediaries scenario, the whole message is divided into two parts and sent respectively: the primary part goes through as the original message path via intermediaries, while the attachments are sent directly from client to server via no intermediary. Therefore, it improves the efficiency of services and reduces the probability of the attachments´ being attacked. A prototype of this security model is implemented on the Web application server and the experiment results show the feasibility of secure attachments in enterprise applications
Keywords :
Web services; access protocols; client-server systems; cryptography; digital signatures; SOAP attachment-oriented security model; Web application server; attachment encryption; client-server system; digital signature; Computer security; Cryptography; Data security; Information security; Prototypes; Simple object access protocol; Transport protocols; Transportation; Web server; Web services;
Conference_Titel :
Software Reliability Engineering, 2006. ISSRE '06. 17th International Symposium on
Conference_Location :
Raleigh, NC
Print_ISBN :
0-7695-2684-5
DOI :
10.1109/ISSRE.2006.7
