期刊名称:Advances in Computer Science and its Applications
印刷版ISSN:2166-2924
出版年度:2012
卷号:1
期号:1
页码:78-83
语种:English
出版社:World Science Publisher
摘要:Major usage of Internet elevates the significance of web services, which in turn makes web service security a very challenging issue. Web Service uses SOAP to exchange information; although SOAP guarantees XML security, XML is still liable to attacks like XML rewriting, XML bombing, external entry attack, denial of service etc. Hence providing security at the message level seems to be important with respect to web services. This proposed work provides a method to enhance the security of the web service at message level by encrypting the SOAP message using AES, with the help of shared key generated using Diffie Hellman key exchange mechanism. The key exchange is implemented as service and a digital signature handler is provided to enable a secured key exchange and is done well before the SOAP message generation. The main feature of this proposed system is that the variable keys are used for encryption each time the request is sent which prevents hacking of messages in application invoking web services.
关键词:Web Service Security;SOAP message;AES;Diffie Hellman;XML Security
