Improving Web Services Security Models

Improving Web Services Security Models

Sawsan Abu-Taleb and Hossam Mustafa
Al-Balqa' Applied University, Jordan


Abstract: Web services are considered one of the main technologies which emerged in recent years, they provide an application ‎integration technology that allows business applications to communicate and cooperate over the Internet. Web services ‎encouraged existent architectures to adopt as one of the most important technologies; Portals, providing content aggregation ‎from various web services sources for providing useful information to users. The distributed sources of web services ‎aggregated into users' pages provide a component model architecture, which allows the plugging of components in ‎infrastructure, which are referred to as portlets. This paper defines effective models for securing portlet contents by defining ‎an access control list for each portlet, which will looks into the access control of web services, and authentication of web ‎services consumers. In addition, this paper introduces a design for trusted authority that will be responsible for fair contract ‎exchange between portlet producers and consumer; thus, defining a single sign-on model, which is responsible for ‎authenticating remote portlets requests.‎

Keywords: Web services, WSRP, single-sign-on, security, and e-contract.‎

Received July 23, 2008; accepted May 17, 2009‎

Read 3881 times Last modified on Wednesday, 13 October 2010 05:29
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…