Publisher: IGI Global_journal
E-ISSN: 1546-5004|1|3|88-100
ISSN: 1545-7362
Source: International Journal of Web Services Research (IJWSR), Vol.1, Iss.3, 2004-07, pp. : 88-100
Disclaimer: Any content in publications that violate the sovereignty, the constitution or regulations of the PRC is not accepted or approved by CNPIEC.
Abstract
Web services offer a way for very different systems to collaborate independent of the programming language used or the involved operating systems. Their basis is the XML-based SOAP protocol, which can be used over any protocol that is able to transport a byte stream. Due to the fact that Web services do not depend on any operating system and there is no burden of a underlying paradigm, they are ideal for the integration of even completely inhomogeneous systems. However, SOAP does not (and does not have to) deal with security issues, which is nevertheless important for the involved systems. This article describes an add-on for existing Internet proxies to achieve user and developer transparent security features for Web services. This approach allows corporate firewalls to handle authentication. A first step is to add corporate signatures to all outgoing SOAP messages to enable a corporate trust relationship. A second improvement is to use proxy authentication as defined in RFC 2616 and RFC 2617 to add personal signatures assuming that the proxy has access to some key management system.
Related content
Access to resources
Recommend
Prediction of Web Page Accesses by Proxy Server Log
By Wu Y-H.
World Wide Web, Vol. 5, Iss. 1, 2002-01 ,pp. :
TTPs and biometrics for securing the payment of telemedical services
By Polemi D.
Future Generation Computer Systems, Vol. 15, Iss. 2, 1999-03 ,pp. :
A Metamodel for the Web Services Standards
By Simon Balazs Goldschmidt Balazs Kondorosi Karoly
Journal of Grid Computing, Vol. 11, Iss. 4, 2013-12 ,pp. :