Security for Web services and service-oriented architectures

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms.

Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability.

This book will serve practitioners as a comprehensive critical reference on Web service standards, with illustrative examples and analyses of critical issues; researchers will use it as a state-of-the-art overview of ongoing research and innovative new directions; and graduate students will use it as a textbook on advanced topics in computer and system security.

Author(s): Elisa Bertino, Lorenzo Martino, Federica Paci, Anna Squicciarini (auth.)
Edition: 1
Publisher: Springer-Verlag Berlin Heidelberg
Year: 2010

Language: English
Pages: 226
City: Heidelberg [Germany]; New York
Tags: Systems and Data Security; Information Systems Applications (incl.Internet); Business Information Systems; Software Engineering

Front Matter....Pages i-xii
Introduction....Pages 1-8
Web Service Technologies, Principles, Architectures, and Standards....Pages 9-23
Web Services Threats, Vulnerabilities, and Countermeasures....Pages 25-44
Standards for Web Services Security....Pages 45-77
Digital Identity Management and Trust Negotiation....Pages 79-114
Access Control for Web Services....Pages 115-146
Secure Publishing Techniques....Pages 147-157
Access Control for Business Processes....Pages 159-177
Emerging Research Trends....Pages 179-195
Back Matter....Pages 197-226