Merkle Tree Authentication in UDDI Registries

Elisa Bertino, Barbara Carminati, Elena Ferrari
2004 International Journal of Web Services Research  
UDDI registries are today the standard way of publishing information on web services. They can be thought of as a structured repository of information that can be queried by clients to find the web services that better fit they needs. Even if, at the beginning, UDDI has been mainly conceived as a public registry without specific facilities for security, today security issues are becoming more and more crucial, due to the fact that data published in UDDI registries may be highly strategic and
more » ... sitive. In this paper, we focus on authenticity issues, by proposing a method, based on Merkle Hash Trees, which does not require the party managing the UDDI to be trusted wrt authenticity. In the paper, besides giving all the details of the proposed solution, we show its benefit wrt standard digital signature techniques.
doi:10.4018/jwsr.2004040103 fatcat:56br2xkifngzzj7z22ongfyvh4