Security Impact on e-ATM Windows Communication Foundation Services using Certificate based Authentication and Protection: An implementation of Message Level Security based on .NET Technique

Security Impact on e-ATM Windows Communication Foundation Services using Certificate based Authentication and Protection: An implementation of Message Level Security based on .NET Technique

Subhash Medhi (Loktak Power Station, National Hydro Electric Power Corporation Ltd., Loktak, India), Abhijit Bora (Department of Electronics & Communication Technology, Gauhati University, Guwahati, India) and Tulshi Bezboruah (Department of Electronics & Communication Technology, Gauhati University, Guwahati, India)
Copyright: © 2016 |Pages: 15
DOI: 10.4018/IJIRR.2016070103


The authors proposed to design and implement a prototype research electronic automated teller machine service using Windows Communication Foundation to study the performance and scalability of implementing Web Service Security policy. The software chosen for building the service are C# programming language, Internet Information Service web server, Microsoft Structured Query Language database server and Visual Studio.NET Integrated Design Environment as development toolkits. To evaluate the different performance metrics, the Windows Communication Foundation Service has been tested by using testing tool Mercury LoadRunner, version 8.1. In this paper, the authors will present the architecture of the service, its testing procedures, and statistical analysis of the system performance.
Article Preview

1. Introduction

Web Service paradigm (WSP) offers a set of standards and technologies that an organization can interact with different networks securely. It is a service intended to operate within machines to exchange Simple Object Access Protocol (SOAP) messages over diverse networks (Catalina et al, 2005). Web Service (WS) is a software component comprised of specific business methods that is published, described and invoked over diverse networks using Extensible Mark Up Language (XML) based open standards (Siew et al, 2006). WS is a computing technology that offers interaction and interchange of resources among e-service community and clients (Oladosu et al, 2005). WS normally complies with four standards, such as: (a) XML, the messages are sent over network in an XML format, (b) SOAP, an standard protocol to specify how XML documents are exchanged over Hyper Text Transfer Protocol (HTTP) or Message Oriented Middleware (MOM), (c) Web Service Description Language (WSDL), offers a metadata description of request and response parameters for interfacing, and (d) Universal Description Discovery and Integration (UDDI), the directory where services are registered.

Windows Communication Foundation (WCF) is a technology for implementing, configuring and deploying distributed Service Oriented Architecture (SOA) applications using a set of classes placed at the top of the .NET Common Language Runtime (CLR). The existing different distributed technologies like ASMX WS, .NET Framework remoting, Microsoft Enterprise Services and Microsoft Message Queuing (MSMQ) are unified in one umbrella of WCF. Client can access loosely coupled services through the use of WSDL irrespective of platform from which the service is hosted. WCF supports many advanced WS-Security specifications as WS-Security, WS-Reliable Messaging, WS-Automatic Transaction, WS-Secure Conversation, WS-Trust etc. WCF .NET facilitates the development of distributed and interconnected applications based on SOA (Markus & Bernd, 2010). WCF has been designed to provide manageable approach to distributed computing, interoperability and service orientation in varied systems maintaining security and reliability of services (Mistry & Khanna, 2011). The WCF service has composed of three components to a simple job of message communication with a client in SOA model, they are: (i) Service Class that implements service as a set of methods, (ii) Host Environment, the service can be hosted in Console Application, Windows Service, Windows Forms Application or in IIS, and (iii) Endpoints, the messages are communicated via service and client endpoints. WCF is a unified technique for design and developing SOA architecture (Mostafa et al, 2012). WCF interacts with other systems using SOAP messages as defined in WSDL, exchanges message using HTTP or HTTPS protocols in XML format, service registry based on UDDI standard is used to publish and discover WCF services (Ahmad, 2014).

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 10: 4 Issues (2020): Forthcoming, Available for Pre-Order
Volume 9: 4 Issues (2019): 3 Released, 1 Forthcoming
Volume 8: 4 Issues (2018)
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing