Secure Soap-Based Web Services for Distance Education

Abstract

The objective of this paper is to emphasize the need for an effective security model and its implementation for distributed applications. Online web-based education needs to share the resources dynamically, irrespective of the network and platform on which the services are deployed. A communication protocol called Simple Object Access Protocol (SOAP) provides a platform for interoperability, which holds the key for the reuse and integration needed for tomorrow’s sophisticated online learning. The requirements of a diverse population of learners can be met with a flexible system such as SOAP that provides education at anytime from anywhere. SOAP protocol does not include the security of the web transactions it carries and so it is the responsibility of any application to take care of the safety of its critical data being transmitted. This paper attempts to bring out a comprehensive security model based on cryptographic techniques for the distributed web services connected through a SOAP-RPC based communication network to safeguard sensitive information over the wire. The adaptive nature of this proposed security model, not only considers the protection of an entire web transaction, but also customizes the safety of any fragment of the transaction. This paper analyzes a possible and an alternate security mechanism to vendor-dependant technologies as applicable to the distributed services.