Filters








1,385 Hits in 4.7 sec

A streaming validation model for SOAP digital signature

Wei Lul, K. Chin, A. Slominski, D. Gannon
HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.  
We present the design and implementation of the GHPX/SSSV system for the streaming validation of SOAP Digital Signature.  ...  Our model consists of a streaming canonicalization and optimized SOAP signature validation. We present an empirical study of the performance characteristics of these streaming validation features.  ...  Acknowledgment We would like to thank Satoshi Shirasuna and Liang Fang for useful comments and discussion.  ... 
doi:10.1109/hpdc.2005.1520966 dblp:conf/hpdc/LuCSG05 fatcat:xno2gaa4jzdetm2bkykjgn335m

Implementation and Performance of WS-Security

Satoshi Makino, Kent Tamura, Takeshi Imamura, Yuichi Nakamura
2004 International Journal of Web Services Research  
We implemented a stream-based WS-Security processor and showed its efficiency in XML parsing, in terms of both the processing time and the memory usage.  ...  This article describes performance improvements for the Web Services Security (WS-Security) specification.  ...  Digital signature and encryption The syntax for digitally signing and encrypting SOAP messages is based on the W3C Recommendations for XML signature ("XML Signature", 2002) and XML encryption ("XML Encryption  ... 
doi:10.4018/jwsr.2004010104 fatcat:k4amk5w56zb4pbcnv5luuh52zq

A Stream based Implementation of Secured SOA Model using XML Encryption and XML Signature

Srinath K.S, Mallamma C G, Shankar Rana, Vijay Kumar F G
2014 International Journal of Computer Applications  
This paper proposes the XML signature and encryption as the core of Service Oriented Architecture (SOA) for web service security, and describes how to create and verify XML signature, and how to encrypt  ...  Web service security is essential for SOA-based applications; it has explorative set of technologies such as Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL) and Universal  ...  XML SIGNATURE XML Signatures are used for signing the digital content and verifying the digital signatures.  ... 
doi:10.5120/18050-8956 fatcat:ulqj2jj7rrbwhfsi2qkq2eeome

A Study on Detection Techniques of XML Rewriting Attacks in Web Services

Aziz Nasridinov, Jeong-Yong Byun, Young-Ho Park
2014 International Journal of Control and Automation  
However, the content of a SOAP message, protected with XML Digital Signature, can be changed without invalidating the signature.  ...  Several security standards of Web Service Security (WS-Security), such as XML Digital Signature, are used to secure SOAP messages exchange in Web Service environment.  ...  Acknowledgement This work was supported by the IT R&D program of MKE/KEIT. [10041854, Development of a smart home service platform with real-time danger prediction and prevention for safety residential  ... 
doi:10.14257/ijca.2014.7.1.35 fatcat:7dtctpbp4jfxlf6rydvtl36jne

XML security – A comparative literature review

Andreas Ekelhart, Stefan Fenz, Gernot Goluch, Markus Steinkellner, Edgar Weippl
2008 Journal of Systems and Software  
XML Security consists of three recommendations: XML (Digital) Signature, XML Encryption and XML Key Management Specification (XKMS), all of them published by the W3C.  ...  Trends to different application areas -e.g. use of XML Security for Mobile Computing -are also outlined.  ...  Besides a Streaming SOAP Signature Validator (SSSV), who acts as an intermediary node between GHPX and real application, provides fast verification by recognizing and validating the signatures automatically  ... 
doi:10.1016/j.jss.2007.12.763 fatcat:gr7vsxsw7zcx7lpzmecm6odiau

Authenticating distributed data using Web services and XML signatures

Daniel J. Polivy, Roberto Tamassia
2002 Proceedings of the 2002 ACM workshop on XML security -  
As the need for digital data becomes more ubiquitous, so does the need to provide efficient mechanisms for distributing and verifying the authenticity of that data.  ...  We present an architecture for authenticating responses to queries from untrusted mirrors of authenticated dictionaries using Web Services and XML Signatures.  ...  Brian LaMacchia and Tarik Soulami provided generous insight into the workings of the .NET XML Signature package, and Christian Geuer-Pollmann provided assistance with the Apache XML Security package.  ... 
doi:10.1145/764804.764805 fatcat:qliwhg2ga5g45fgbeixp3sqc6y

An Overview and Evaluation of Web Services Security Performance Optimizations

Robert A. van Engelen, Wei Zhang
2008 2008 IEEE International Conference on Web Services  
End-to-end message security assures the participation of non-secure transport intermediaries in message exchanges, which is a key advantage for Web-based systems and service-oriented architectures.  ...  In this paper we analyze the overhead of the WS-Security protocol processing stages and evaluate existing and new techniques for WS-Security signature performance optimizations to speed up end-to-end message  ...  In [7] the authors describe a streaming validation model for signature processing to reduce the cost of recanonicalization at the receiving side.  ... 
doi:10.1109/icws.2008.102 dblp:conf/icws/EngelenZ08 fatcat:glj6vqgq5natbmfimcynr5rv7q

Authenticating distributed data using Web services and XML signatures

Daniel J. Polivy, Roberto Tamassia
2002 Proceedings of the 2002 ACM workshop on XML security - XMLSEC '02  
As the need for digital data becomes more ubiquitous, so does the need to provide efficient mechanisms for distributing and verifying the authenticity of that data.  ...  We present an architecture for authenticating responses to queries from untrusted mirrors of authenticated dictionaries using Web Services and XML Signatures.  ...  Brian LaMacchia and Tarik Soulami provided generous insight into the workings of the .NET XML Signature package, and Christian Geuer-Pollmann provided assistance with the Apache XML Security package.  ... 
doi:10.1145/764792.764805 dblp:conf/xmlsec/PolivyT02 fatcat:3nvkhy4lofckjdnrjgizclmxly

Countering Wrapping Attack on XML Signature in SOAP Message for Cloud Computing [article]

Hadi Razzaghi Kouchaksaraei, Alexander G. Chefranov
2013 arXiv   pre-print
In the new method, the XML any signature wrapping attack is prevented by employing the concept of XML digital signature on the SOAP message.  ...  It is known that the exchange of information between web applications is done by means of the SOAP protocol. Securing this protocol is obviously a vital issue for any computer network.  ...  XML digital signature employs private key and public key to sign a message and validate the document, respectively.  ... 
arXiv:1310.0441v1 fatcat:2kyk4fmleva4fmdpxeaslfmgja

Secured RESTful Sensor Web Enablement Services for Wireless Sensor Networks

Bouhouchi R, Yengui S
2016 Journal of Telecommunications System & Management  
RESTful services are considered a versatile lightweight solution relied upon by a number of advanced web services.  ...  In this way, we provide a REST security protocol which will implement a secure lightweight sensor message and analyze its performance comparing to equivalent web services.  ...  • Transducer Model Language (TransducerML or TML): Refers to the conceptual model and XML Schema for exchanging live streaming or archived data from any sensor systems.  ... 
doi:10.4172/2167-0919.1000126 fatcat:czd2czoxk5gdlbbm65n5hu4km4

Security of Web Services: Methods and Contrivance

Malinka Ivanova
2017 INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY  
Contemporary securitystandards and good practices describing methods and contrivance for deciding security problems are explored too toreveal the present state in the field.  ...  Confidentiality is realized for parts of a SOAP message through XML digital signature. The confidentiality defence continues after the end of a session.  ...  Confirmation of the sender identity can be realized through XML digital signature. The receiver can validate the sender"s digital signature through usage of the sender"s public key.  ... 
doi:10.24297/ijct.v14i11.6374 fatcat:42zdeamfkzg2viyeaq4mkkem2i

Web and Web Security

Robert J. Boncella
2004 Communications of the Association for Information Systems  
In using web services for its information systems needs, a firm may open access to its information assets.  ...  The assurance of security of web services is necessary for a firm to be willing to adopt the web services technology as a means of running its information systems  ...  For example, the SOAP Security Extensions: Digital Signatures proposal describes how SOAP messages can be digitally signed.  ... 
doi:10.17705/1cais.01418 fatcat:s6sz3gqnizhfper7azypzjgo4e

All your clouds are belong to us

Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono
2011 Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW '11  
As a follow up to those discoveries, we additionally describe the countermeasures against these attacks, as well as introduce a novel "black box" analysis methodology for public Cloud interfaces.  ...  Similarly, the Eucalyptus control interfaces were vulnerable to classical signature wrapping attacks, and had nearly no protection against XSS.  ...  We would also like to thank Xiaofeng Lou for his contributions.  ... 
doi:10.1145/2046660.2046664 dblp:conf/ccs/SomorovskyHJSGI11 fatcat:ytxh57hokzdpfbs563njgmo4fy

Improving WS-security performance with a template-based approach

S. Makino, M. Tatsubori, K. Tamura, Y. Nakamura
2005 IEEE International Conference on Web Services (ICWS'05)  
This is more than twice as fast as the DOM-based WSS processor and our prior work with a stream-based processor.  ...  Inside the processor an automaton is employed that matches the incoming messages and extracts signature values and/or encrypted values.  ...  WSS defines some XML data structure describing digital signatures, encryption, etc. on top of SOAP messages.  ... 
doi:10.1109/icws.2005.70 dblp:conf/icws/MakinoTTN05 fatcat:zxmytlxmuna2nnwk5w763nub34

Security in Web Services- Issues and Challenges

Aruna S
2016 International Journal of Engineering Research and  
Therefore, a study on the existing standards and protocols for security is carried out. The challenges that arise are also discussed.  ...  Digital signatures can be incorporated into SOAP messages. XML firewalls can be implemented. All the requests and responses should be encrypted with header information.  ...  Mirtalebi et.al [7] has proposed a model for ensuring the security of the WSDL files by encrypting them.  ... 
doi:10.17577/ijertv5is090245 fatcat:xay43foe7jd2rekwybb4tlwbbm
« Previous Showing results 1 — 15 out of 1,385 results