Welcome to the InfoSci Platform
Security for Web Services: Standards and Research Issues

Security for Web Services: Standards and Research Issues

Lorenzo Martino, Elisa Bertino
Copyright: © 2012 |Pages: 27
ISBN13: 9781613501047|ISBN10: 1613501048|EISBN13: 9781613501054
DOI: 10.4018/978-1-61350-104-7.ch015
Cite Chapter Cite Chapter

MLA

Martino, Lorenzo, and Elisa Bertino. "Security for Web Services: Standards and Research Issues." Innovations, Standards and Practices of Web Services: Emerging Research Topics, edited by Liang Jie-Zhang, IGI Global, 2012, pp. 336-362. https://doi.org/10.4018/978-1-61350-104-7.ch015

APA

Martino, L. & Bertino, E. (2012). Security for Web Services: Standards and Research Issues. In L. Jie-Zhang (Ed.), Innovations, Standards and Practices of Web Services: Emerging Research Topics (pp. 336-362). IGI Global. https://doi.org/10.4018/978-1-61350-104-7.ch015

Chicago

Martino, Lorenzo, and Elisa Bertino. "Security for Web Services: Standards and Research Issues." In Innovations, Standards and Practices of Web Services: Emerging Research Topics, edited by Liang Jie-Zhang, 336-362. Hershey, PA: IGI Global, 2012. https://doi.org/10.4018/978-1-61350-104-7.ch015

Export Reference

Mendeley
Favorite

Abstract

This article discusses the main security requirements for Web services and it describes how such security requirements are addressed by standards for Web services security recently developed or under development by various standardizations bodies. Standards are reviewed according to a conceptual framework that groups them by the main functionalities they provide. Covered standards include most of the standards encompassed by the original Web Service Security roadmap proposed by Microsoft and IBM in 2002 (Microsoft and IBM 2002). They range from the ones geared toward message and conversation security and reliability to those developed for providing interoperable Single Sign On and Identity Management functions in federated organizations. The latter include Security Assertion Markup Language (SAML), WS-Policy, XACML, that is related to access control and has been recently extended with a profile for Web services access control; XKMS and WS-Trust; WS-Federation, LibertyAlliance and Shibboleth, that address the important problem of identity management in federated organizations. The article also discusses the issues related to the use of the standards and open research issues in the area of access control for Web services and innovative digital identity management techniques are outlined.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.