Web Services Security

Web Services Security

Fergle D’Aubeterre (The University of North Carolina at Greensboro, USA) and A. F. Salam (The University of North Carolina at Greensboro, USA)
Copyright: © 2006 |Pages: 7
DOI: 10.4018/978-1-59140-799-7.ch198
OnDemand PDF Download:
No Current Special Offers


Web services provide a standard architecture for heterogeneous systems to share and exchange information over the Internet (Iyer, Freedman, Gaynor, & Wyner, 2003). In this context, Web services are based on the building-block approach of using prior Internet protocols and standards as components of Web services. The building blocks include HTTP, adopted as the transport protocol, and XML, used as the format of the messages that are transferred between cooperating applications (Lim & Wen, 2003). For e-businesses to fully realize the benefits of Web services, security issues need to be addressed. Security has become a major concern for all enterprises exposing sensitive data and business processes as Web services (Bhatti, Bertino, Ghafoor, & Joshi, 2004). In this regard, this research proposes an integrated security approach for Web services architecture. The proposed approach, which is an addendum to the Web services security specifications, is built on XML-role-based access control (RBAC) for Web services business processes. Basically, it supports protocol-independent declarative security policies that can be enforced by Web service providers, and descriptive security policies that clients can use to access the services in a secure manner.

Complete Chapter List

Search this Book: