| The Internet is beginning to change the way businesses operate. Companies are using the Web for selling products, to find suppliers or trading partners, and to link existing applications to other applications. With the rise of today's e-business and e-commerce systems, web services are rapidly becoming the enabling technology to meet the need of commerce. However, they are not without problems. While Web services are designed to pass through firewalls and have the capability to access Application Program Interfaces (APIs), they also come with security issues.; In this thesis, I present a viable approach for securing Web services. This approach adopts the Entrust/PKI (Public Key Infrastructure) and PKCS#7 cryptographic message syntax standard. This approach offers the capability to restrict access to an XML Web service to authorized users, and to protect the integrity and confidentiality of XML messages exchanged in a Web service environment. I make some comparison of this approach with existing standards and technologies for Web services security. Finally, a prototype based on the service-oriented architecture (SOA) is developed to validate the performance and effectiveness of the proposed approach. |
PDF Full Text Request