Article

Web Services Security: Techniques and Challenges (Extended Abstract)

Author:

Anoop SinghalAuthors Info & Claims

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security

Page 158

https://doi.org/10.1007/978-3-540-70567-3_12

Published: 13 July 2008 Publication History

Abstract

Web services-based computing is currently an important driver for the software industry. While several standards bodies (such as W3C and OASIS) are laying the foundation for Web services security, several research problems must be solved to make secure Web services a reality. This talk will present techniques for Web services security and some of the challenges and recommendations for secure web services. This paper is based on our experience in developing the National Institute of Standards and Technology (NIST) Special Publication SP 800-95, "Guide to Secure Web Services". Some of the challenges for secure web services are

End to End Quality of Service and Protection

Availability of Service

Protection from Command Injection Attacks

Identity Management

To adequately support the needs of Web services-based applications, effective risk management and appropriate deployment of alternate countermeasures are essential. Defense-in-depth through security engineering, secure software development, and architecture risk analysis can provide the robustness and reliability required by these applications.

Reference

[1]

Singhal, A., Winograd, T., Scarfone, K.: NIST Special Publication 800-95, Guide to Secure Web Services (August 2007), http://csrc.nist.gov/publications/nistpubs/ 800-95/SP800-95.pdf

Google Scholar

Cited By

View all

Alqahtani HMostefaoui GMaamar Z(2014)A Context-Based Security Framework for Cloud ServicesProceedings of the 3rd International Conference on Context-Aware Systems and Applications10.5555/2762722.2762748(130-137)Online publication date: 7-Oct-2014
https://dl.acm.org/doi/10.5555/2762722.2762748

Web Services Security: Techniques and Challenges (Extended Abstract)
1. Information systems
  1. World Wide Web
2. Social and professional topics
  1. Computing / technology policy

Recommendations

Ws-Security (Web Services Security, short WsS): High-impact Strategies - What You Need to Know Definitions, Adoptions, Impact, Benefits, Maturity, Vendors
Composing Web Services: A QoS View

An Internet application can invoke several services--a stock-trading Web service, for example, could invoke a payment service, which could then invoke an authentication service. Such a scenario is called a composite Web service, and it can be specified ...
Web services enterprise security architecture: a case study
SWS '05: Proceedings of the 2005 workshop on Secure web services

Web Services (WS hereafter) Security is a crucial aspect for technologies based on this paradigm to be completely adopted by the industry. As a consequence, a lot of initiativesof initiatives have arisen during the last years setting as their main ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security

July 2008

345 pages

ISBN:9783540705666

Editor:
Vijay Atluri

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 13 July 2008

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Alqahtani HMostefaoui GMaamar Z(2014)A Context-Based Security Framework for Cloud ServicesProceedings of the 3rd International Conference on Context-Aware Systems and Applications10.5555/2762722.2762748(130-137)Online publication date: 7-Oct-2014
https://dl.acm.org/doi/10.5555/2762722.2762748

Abstract

Reference

Cited By

Recommendations

Ws-Security (Web Services Security, short WsS): High-impact Strategies - What You Need to Know Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Composing Web Services: A QoS View

Web services enterprise security architecture: a case study

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations