This paper proposes a new secure token profile for enhancing existing Web Services Security (WSS) standards which provide message integrity, message confidentiality, user authentication and authorization. Service Oriented Architecture(SOA) is widely adopted, most systems use Web Servicesimplemented using Simple Object Access Protocol (SOAP), an XML document or message exchanges between sender and receiver using HTTP protocol or other communication protocols. Security is critical because the message is transferred around a public network, the Internet. Whilst current Web Services Security Standards protect the message; the location or domain of the message sender is not authenticated, this can be provided using the proposed token profile. Moreover, the proposed token has a performance advantage over existing WSS standards.
History
Publication status
Published
File Version
Published version
Journal
2012 Ninth International Joint Conference on Computer Science and Software Engineering (JCSSE)