Security Issues in Web Services (original) (raw)

Web Services Security: Threats and Challenges

One of the leading developments nowadays within distributed computing is Web Services. Essentially, a Web Service can easily be characterized as an XML structured interface that can easily be utilized by a client program to conjure a computing solution dispersed within a network by means of standard Internet protocols. In order for Web Services to turned out to be a widely used approach for the program to program communication, although, there necessity to be a reliable framework in place for exactly how Web Services that makes use of the general public Internet for transport can be appropriately safeguarded as well as secured. As the circumstances seems nowadays, the majority of services are not really openly revealed however they are frequently implemented within a corporate and business, exclusive network. This hinders the visualization of Web Services that can be openly published in directories which prospective consumers can browse to discover an appropriate service to gratify their particular requirement. This paper explains exactly what the standard threats and obstacles can be found in implementing secured Web Services over openly available and vulnerable networks, as they are described within the literature. It then proceeds to present an introduction to a few of the additional acknowledged security guidelines which happen to be starting to come through around.

An Overview of Web Services Security

BT Technology Journal, 2000

Security and Web Services are consistently reported among the top technologies of interest to businesses. Concerns about security are a major deterrent to companies considering use of the technology. This paper attempts to give an overview of the current state of Web Services security. The main body of the paper is a tour through key concepts used in Web Services security. Examples based on software demonstrators built by the authors are used to explain how the ideas are used in combination to achieve particular aims. The state of play as regards standards is also reviewed. The concluding section gives some pointers as to active research topics.

A survey of web services security

… Science and Its …, 2004

During the past years significant standardization work in web services technology has been made. As a consequence of these initial efforts, web services foundational stable specifications have already been delivered. Now, it is time for the industry to standardize and address the security issues that have risen from this paradigm. Great activity is being carried out on this subject. This article demonstrates, however, that a lot of work needs to be done in web services security. It explains the new web services security threats and mentions the main initiatives and their respective specifications that try to solve them. Unaddressed security issues for each specification are stated. In addition, current general security concerns are detailed and future researches proposed.

IJERT-Security in Web Services- Issues and Challenges

International Journal of Engineering Research and Technology (IJERT), 2016

https://www.ijert.org/security-in-web-services-issues-and-challenges https://www.ijert.org/research/security-in-web-services-issues-and-challenges-IJERTV5IS090245.pdf This paper focuses on the major issues and challenges involved in handling and implementing security in web services. Like any software or web application, web services are also prone to security issues related to authentication, availability and integrity. New and challenging problems related to security arise due to the distributed nature of the web services and their cross platform access and also during service composition. As the web services provide access to the data in an autonomous way, the confidentiality and authenticity of the data transmitted through them attains more importance. In the recent years, many technologies and standards have emerged in order to handle the security issues related to web services. However new threats and attacks related to web services are also coming to forefront. Therefore, a study on the existing standards and protocols for security is carried out. The challenges that arise are also discussed.

Web Services Security: is the problem solved?

… Security Journal: A …, 2004

Due to these immediate benefits, most IT departments are implementing this technol-ogy with the high-priority objective of mak-ing them operable leaving aside, at least ... MAIN WEB SERVICES SECURITY ISSUES The following section describes some of the major security issues ...

Web Services Security – Implementation and Evaluation Issues

Communications in Computer and Information Science, 2008

Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

Security for web services: Standards and research issues

2009

Abstract This article discusses the main security requirements for Web services and it describes how such security requirements are addressed by standards for Web services security recently developed or under development by various standardizations bodies. Standards are reviewed according to a conceptual framework that groups them by the main functionalities they provide.

Web Services: Past, Present and Future

In recent times, Web services have gained an amazing fascinates in both distributors as well as scientists. Web services permit accessibility to data that has formerly been locked within corporate and business systems and easily accessible only by using custom-made software .Web solutions, predicated on pre-existing Internet protocols and open guidelines, may offer an adaptable solution to the dilemma of application incorporation. With the support concerning WSDL, SOAP, and UDDI, Web services are growing to be prominent in Web applications. However, the current Web services architectures are challenged with just a few stubborn difficulties, as an instance, security. In this paper, we shall give an overview of these hassles. We feel that fixing these issues will end up imperative to success of Web services. The rest of the paper gives information about the three main technologies applied in association with Web Services: SOAP,WSDL, and UDDI.

A Survey on Security of Web Services and its Implementations

EAI Endorsed Transactions on Cloud Systems, 2017

Web Services are software snippets that can be integrated in HTTP and XML based messages based on web technology. Security plays a crucial role in web services. Web services provide a basis for system integration without any programming language and operating system constraint. The security of web services are determined by the secrecy and reliability of the XML based SOAP message that are used for communication. The valuable data stored on computers and servers over the internet need to be secured based on information security features. The security of web services is an important part and security algorithms using encryption techniques are implemented in web services for key generation and encryption of the messages in SOAP and RESTful Services, to provide more secure communication between two electronic devices. Our work focuses on a systematic study on the security features provided by SOAP and RESTful Services and tries to address the different issues faced in security and presents the research scope in the area of web security