Securing Web Services: Practical Usage of Standards and Specifications: Practical Usage of Standards and Specifications

Front Cover
Periorellis, Panos
IGI Global, Oct 31, 2007 - Computers - 420 pages

Web services are a business-driven technology, as they have arisen from a need for on-demand services and just-in-time integration to enable the rapid exploitation of market opportunities. Security challenges have accelerated alongside the rapid advances in this domain.

The security requirement standards address a number of security and dependability issues. Securing Web Services: Practical Usage of Standards and Specifications collects a complete set of studies that address the security and dependability challenges of Web services and the development of protocols to meet those challenges. Encompassing a complete range of topics including specifications for message level security, transactions, and identity management, this Premier Reference Source enables libraries to provide researchers with an authoritative guide to one of the most challenging technological topics of our time.

 

Contents

Security in ServiceOriented Architecture Issues Standards and Implementations
1
A Retrospective on the Development of Web Service Specifications
22
Secure Web Service Composition Issues and Architectures
50
HighValue B2B Interactions Nonrepudiation and Web Services
71
Dynamic Delegation of Authority in Web Services
111
A PolicyBased Authorization Framework for Web Services Integrating XGTRBAC and WSPolicy
138
Description of Policies Enriched by Semantics for Security Management
162
Using SAML and XACML for Web Service Security and Privacy
182
Building Innovative Secure and Interoperable EGovernment Services
228
Grid Business Process Case Study
257
Combining Web Services and Grid Services Practical Approaches and Implications to Resource Discov
298
Approaches and Best Practices in Web Service Style XML Data Binding and Validation Implications to Securing Web Services
318
Enhancing Web Service Discovery and Monitoring with Quality of Service Information
345
Compilation of References
364
About the Contributors
382
Index
389

Protecting ASPNET Web Services
206

Other editions - View all

Common terms and phrases

Popular passages

Page x - Security in a Web Services World: A Proposed Architecture and Roadmap” (msdn.mierosoft.conhflihrary/en-us/dnwssecur/lltrnl/securitywhitepaper.asp). This document defmes a Web Service security model that supports, integrates and unifies several popular security models, mechanisms, and technologies (including both symmetric and public key technologies) in a platform-neutral manner. The specifications build upon foundational technologies such as SOAP, WSDL, XML Digital Signatures, Kerberos, XML Encryption...
Page 365 - Quality driven web services composition", in Proceedings of the 12th international Conference on World Wide Web (Budapest, Hungary, May 20 - 24, 2003).

About the author (2007)

Panos Periorellis is a computing scientist specializing in security and dependability matters for distributed computing and he has been at the forefront of the development of concepts such as systems of systems and virtual organizations. He currently holds a senior research position at the University of Newcastle upon Tyne in the UK, while at the same time is consulting on security issues for major IT companies. He has written numerous papers in the areas of Web services, and this book constitutes his first editorial effort. In addition, he acts as a reviewer for several journals and participates in various conference and workshop program committees. He maintains strong links with several industrial partners in telecommunications, transactional technologies, and software engineering. As a brief biographical note, he joined the Department of Computing Science at the University of Newcastle upon Tyne in June 2000 as a research associate, shortly after successfully completing his PhD in the area of enterprise modeling, under the supervision of Professor John Dobson. Working on several research projects, he carried out novel and innovative research into areas such as systems integration and security for distributed systems. He was promoted to senior member of academic staff in March 2004, and started researching into issues of security and trust for Web services. Since 1997, he has published over 40 papers on distributed computing, Web and Internet programming, peer-to-peer networks, organizational aspects of software engineering, complex systems, and natural language processing. His research interests remain in the areas of distributed computing, dependability, and complex systems. He holds a PhD in computing science, and an MSc and a BSc (Hons) in information systems. [Editor]

Bibliographic information