Web Service Security-Overview, Analysis and Challenges
The web services (WS) technology became the reference
architecture during the last few years for the integration
of heterogeneous systems. As it is nowadays critical for
business to make applications communicate over the
internet. WS has take essential position for building and
integrating e-business applications and to allow
Information system technologies to communicate in an
interoperable manner. New WS extra standards have been
developed through the cooperation of several
standardization organizations. This technology has also
some limits specially security issues. We will try
throughout this paper to provide an overview and an
analysis of the standards in the field of web services
security as well as to analyze the issues that are not yet
addressed.
Treating Web Services security means treating aspects
like authentication, authorization, integrity and
confidentiality and how they can be guaranteed in WS
architecture. Also an overview related standards called
WS-Security, including how they combine to address
security pains especially in a business to business Web
Services scenario.
Keywords: Web Services, SOAP, WS Security, authentication, threats, policies
Download Full-Text
ABOUT THE AUTHORS
El Houssain Ben Messaoud
Department of Computer Engineering, Ecole Mohammadia d’Ingénieurs, Mohammed V University - Agdal, Rabat, Morocco
Ouafaa Diouri
Department of Computer Engineering, Ecole Mohammadia d’Ingénieurs, Mohammed V University - Agdal, Rabat, Morocco
El Houssain Ben Messaoud
Department of Computer Engineering, Ecole Mohammadia d’Ingénieurs, Mohammed V University - Agdal, Rabat, Morocco
Ouafaa Diouri
Department of Computer Engineering, Ecole Mohammadia d’Ingénieurs, Mohammed V University - Agdal, Rabat, Morocco