|
Enhancing Web Services Security in E-business
|
|
Iehab Alrassan
Computer Science department
King Saud University
Riyadh, Saudi Arabia
irassan@ksu.edu.sa
Maha Alrashed
Computer Science department
King Saud University
Riyadh, Saudi Arabia
Maha_al_rashed@hotmail.com
|
|
|
|
Abstract
.Nowadays, most of enterprises are using Web Services as a new wave for exchanging information in their e-business integration. Security is a major concern when Web Services are emerged. Web Services are based on SOAP(Simple Object Access Protocol) message for exchanging information. In e- business, this information may be sensitive and there is a huge possibility that SOAP message is intercepted and modified by eavesdroppers. In This research, we discuss the significant impact of adoption Web Services in e-business, whereas Web Services support application-to-application interactions. However, security still the biggest challenge that faces Web Services. We also highlight the web services security standards that may be used to ensure Web Services security. Any proposed security model must consider the securities' goals which are integrity, authorization, authentication, confidentiality and non- repudiation. In this research, we focus on SOAP message and how to ensure its security, since the SOAP message is the transmission unit in Web Services. We proposed a security model to enhance security of e-business. This model is based on XML signature and XML encryption to sign and encrypt SOAP message. Moreover, RSA is the encryption algorithm that used for encryption. We expect that our proposed model will achieve a good security with acceptable performance.
|
|
|
|
Keywords
:
Web Services ; SOAP ; e-business ; XML encryption ; XML signature ; SAML ; XKMS
|
|
|
|
URL: http://dx.doi.org/10.7321/jscse.v3.n3.76
|
|
|
|
|