An Operational Model and Language Support for Securing Web Services

Author

Hwang, Gwan-Hwan ; Chang, Yu-Hsuan ; Chang, Tao-Ku

Author_Institution

Nat. Taiwan Normal Univ., Taipei

fYear

2007

fDate

9-13 July 2007

Firstpage

463

Lastpage

470

Abstract

In this paper, we propose an operational model to support the security of Web services. In addition to satisfying the basic security requirements, including authentication, confidentiality, data integrity, and nonrepudiation, the proposed model supports security mechanisms such as element-wise encryption and temporal-based element-wise digital signatures. Furthermore, the proposed model supports a flexible key specification scheme called explicit key definition, which can be used to define three different types of keys: static keys, dynamically selected keys, and keys applied to digital signatures. The service requester can determine the identity of the keys used without negotiating with the service provider. The implementation and experimental results demonstrate the feasibility of the proposed system.

Keywords

Web services; cryptography; digital signatures; element-wise encryption; explicit key definition; flexible key specification scheme; language support; operational model; temporal-based element-wise digital signature; web service security; Authentication; Cryptography; Data security; Digital signatures; Information security; National security; Simple object access protocol; Web and internet services; Web services; XML;

fLanguage

English

Publisher

ieee

Conference_Titel

Web Services, 2007. ICWS 2007. IEEE International Conference on

Conference_Location

Salt Lake City, UT

Print_ISBN

0-7695-2924-0

Type

conf

DOI

10.1109/ICWS.2007.40

Filename

4279632