期刊名称:Journal of Emerging Technologies in Web Intelligence
印刷版ISSN:1798-0461
出版年度:2014
卷号:6
期号:3
页码:305-317
DOI:10.4304/jetwi.6.3.305-317
语种:English
出版社:Academy Publisher
摘要:This research proposes a new secure token profile for improving the existing Web Services security standards. It provides a new authentication mechanism. This additional level of security is important for the Service-Oriented Architecture (SOA), which is an architectural style that uses a set of principles and design rules to shape interacting applications and maintain interoperability. Web Services is one of the technologies to implement SOA and it can be implemented using Simple Object Access Protocol (SOAP). A SOAP-based Web Service relies on XML for its message format and common application layer protocols for message negotiation and transmission. However, it is a security challenge when a message is transmitted over the network, especially on the Internet. The Organization for Advancement of Structured Information Standards (OASIS) announced a set of Web Services Security standards that focus on two major areas. “Who” can use the Web Service and “What” are the permissions. However, the location or domain of the message sender is not authenticated. Therefore, a new secure token profile is proposed for enhancing existing Web Service security standards and illustrates its performance advantage over existing WS-Security standards.
关键词:Web Services Security standard;OASIS Standard 1.1;Service Oriented Architecture;SOAP
