WS-SM: Web Services - Secured Messaging Framework with Pluggable APIs - Computational Intelligence in Data Science
Conference Papers Year : 2020

WS-SM: Web Services - Secured Messaging Framework with Pluggable APIs

Kanchana Rajaram
  • Function : Author
  • PersonId : 1117247
Chitra Babu
  • Function : Author
  • PersonId : 1117258

Abstract

Dynamic composition of web services is important in B2B applications where user requirements and business policies change and new services get added to the service registry frequently. In a dynamic composition environment, ensuring the security of messages communicated among the web services becomes challenging since, several attacks are possible on SOAP messages in the public network due to their standardized interfaces. Most of the existing works on web services security provide solutions to ensure basic security features such as confidentiality, integrity, authentication, authorization, and non-repudiation. Few existing works that provide solutions such as schema validation and schema hardening for attacks on web services do not provide attack-specific solutions. The web services security standard and all the existing works have addressed only the security of messages between a client and a single web service but not the security for messages between two services which is quite challenging. Hence, a security framework for secured messaging among web services has been proposed to provide attack-specific solutions. Since new types of web service attacks are evolving over time, the proposed security solutions are implemented as APIs that are pluggable in any server where the web service is deployed. The proposed framework has been tested for compliance with WSI-BP to demonstrate its interoperability and subjected to vulnerability testing which proved its immunity to attacks. The stress testing results revealed that the throughput decreased only by 35% achieving a good trade-off between performance and security.
Fichier principal
Vignette du fichier
507484_1_En_19_Chapter.pdf (532.77 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03434801 , version 1 (18-11-2021)

Licence

Identifiers

Cite

Kanchana Rajaram, Chitra Babu. WS-SM: Web Services - Secured Messaging Framework with Pluggable APIs. 3rd International Conference on Computational Intelligence in Data Science (ICCIDS), Feb 2020, Chennai, India. pp.233-247, ⟨10.1007/978-3-030-63467-4_19⟩. ⟨hal-03434801⟩
35 View
31 Download

Altmetric

Share

More