Title :
Security Protocols in Service-Oriented Architecture
Author :
Ouda, A.H. ; Allison, D.S. ; Capretz, M.A.M.
Author_Institution :
Dept. of Electr. & Comput. Eng., Univ. of Western Ontario, London, ON, Canada
Abstract :
In this paper, a comprehensive Quality of Security Service (QoSS) model for addressing security within a Service-Oriented Architecture (SOA) is proposed. We define a detailed SOA security model that supports and incorporates a number of networking security techniques and protocols. It utilizes symmetric keys, public keys and hash functions techniques, in order to provide different levels of QoSS agreements to satisfy the requirements of both the services providers and requesters. These levels are based on core networking security requirements such as Mutual Authentication, Session keys, Anonymity, and Perfect forward Secrecy. In addition, the proposed model forms a strong line of defense against Replay, Man-in-the-Middle, and Denial-of-Services attacks.
Keywords :
cryptographic protocols; quality of service; software architecture; core networking security; denial-of-services; hash functions; man-in-the-middle; mutual authentication; perfect forward secrecy; public keys; quality of security service; replay; security protocols; service oriented architecture; session keys; Authentication; Protocols; Public key cryptography; Service oriented architecture; Cryptography; Security Protocols; Service-Oriented Architecture; Web Security; Web Services;
Conference_Titel :
Services (SERVICES-1), 2010 6th World Congress on
Conference_Location :
Miami, FL
Print_ISBN :
978-1-4244-8199-6
DOI :
10.1109/SERVICES.2010.44
