Architecture for Improving Security in Web Environment

Author(s):  
Varaprasad Rao M ◽  
A.V. Krishna Prasad

Web security threats have become much more sophisticated since they first appeared, and they are becoming more and more evolved every day. The evolution might be in terms of new ways of attack or of bringing in resistance to using simulated OS or VM environments. Web service architecture is a set of standard protocols to communicate secure web services, which include policy, security, trust, secure conversation, reliable messaging and automatic transactions. Security is one of the major issues which reduces the growth of computing, and complications with data privacy and data protection continue to plague the market. A new model aimed at improving features of an existing model must not risk or threaten other important features of the current model. The architecture of the web poses such a threat to the security of the existing technologies when deployed in a web-based environment. In this chapter, the different security risks are presented, specific to the different security issues that have emanated due to the nature of the service delivery models.

2018 ◽  
Author(s):  
Ram P. Rustagi ◽  
Viraj Kumar

With the rapid increase in the volume of e-commerce, the security of web-based transactions is of increasing concern. A widespread but dangerously incorrect belief among web users is that all security issues are taken care of when a website uses HTTPS (secure HTTP). While HTTPS does provide security, websites are often developed and deployed in ways that make them and their users vulnerable to hackers. In this article we explore some of these vulnerabilities. We first introduce the key ideas and then provide several experiential learning exercises so that readers can understand the challenges and possible solutions to them in a hands-on manner.


2015 ◽  
Vol 3 (1) ◽  
pp. 75-94 ◽  
Author(s):  
Sungchul Lee ◽  
Ju-Yeon Jo ◽  
Yoohwan Kim

The Nevada Solar Energy-Water-Environment Nexus project collects a large amount of environmental data from a variety of sensors such as soil, atmosphere, biology, and ecology. Mostly, the environmental data is related to the development of renewable energy resources in the Nexus project. The environmental data can have an impact on other research fields if it can easily be shared with other researchers, students, teachers, and general users. Therefore, the Nevada Climate Change Portal (NCCP) site was created for the Nexus project with the purpose of sharing such data. However, there are some challenges to address in utilizing such data, collecting the data, and sharing the data among the users. In this research, the authors propose an Extended Web Service Architecture for solving these challenges. The authors implement Arduino instead of CR1000 as a collector due to its cost effectiveness. The authors also use a REST API to overcome the limitations of Arduino. Moreover, the authors experiment with popular Web-based data visualization tools such as Google Chart, Flex, OFC, and D3 to visualize NCCP data.


Author(s):  
Sabyasachi Pattnaik ◽  
Jui Pattnayak ◽  
Priyaranjan Dash

Data Mining and Data Warehousing are the two most important techniques for pattern discovery and centralized data management in today’s technology. E-Learning is one of the most significant applications of data mining. The main objective is to provide a proposal for a functional model and service architecture. The standards and system architecture are analyzed here. This paper gives importance to the integration of Web Services in the e-Learning application domain, because Web Service is the most advanced choice for distance education now. The process of e-Learning can be made more effective with the help of Web usage mining. More advanced tools have been developed to analyze online customers’ behaviour to increase sales and profit, but no such tools have been developed to understand learners’ behaviour in e-Learning. In this paper, some data mining techniques are discussed that could be used to enhance web-based learning environments.


2013 ◽  
pp. 1377-1399
Author(s):  
Charalampos Doukas ◽  
Ilias Maglogiannis ◽  
Aristotle Chatziioannou

User authentication and data security are very important aspects for the deployment and proper function of biomedical grid portals, since both sensitive data issues and controlled access to grid resources must be addressed. This chapter discusses certification and security issues in biomedical grid portals and presents the security infrastructure of the GRISSOM (Grids for In Silico Systems biology and Medicine) platform. The platform consists of a web-based portal and a Web Service that enables statistical analysis of microarray cDNA data with the use of the EGEE Grid infrastructure. The security infrastructure addresses user authentication and access issues, data encryption, Grid secure access and Web Service Security. The appendix of the chapter contains code snapshots on how to implement secure authentication in Web Services and create user SSL certificates on demand.


Author(s):  
David Anyiwo ◽  
Sumana Sharma

The large-scale deployment of Web services, and e-business technologies in general, is affected by numerous implementation (for example, interoperability and integration) and security issues. The focus of this chapter is mainly on exploring the latter from the perspective of initiatives for mitigating security risks in Web services (for example, WS-S specifications) and e-business technologies (for example, security standards, business continuity planning, and cyber legislation). Best practices and recommendations for addressing security risks in the rapidly evolving Web environment are presented. Future research trends associated with the topic of security in Web services and e-business technology applications are also discussed.


Author(s):  
Elisa Bertino ◽  
Barbara Carminati ◽  
Elena Ferrari

A Web service is a software system designed to support interoperable application-to-application interactions over the Internet. Web services are based on a set of XML standards, such as Web Services Description Language (WSDL), Simple Object Access Protocol (SOAP) and Universal Description, Discovery and Integration (UDDI). A key role in the Web service architecture is played by UDDI registries, i.e., structured repositories of information that can be queried by clients to find the Web services that better fit their needs. Even though UDDI was at first mainly conceived as a public registry without specific facilities for security, today security issues are becoming more and more crucial, due to the fact that data published in UDDI registries may be highly strategic and sensitive. In this chapter, we focus on authenticity issues, by proposing a method based on Merkle hash trees, which does not require the party managing the UDDI to be trusted with respect to authenticity. In the chapter, besides giving all the details of the proposed solution, we show its benefit with respect to standard digital signature techniques.


2017 ◽  
Vol 13 (15) ◽  
pp. 228
Author(s):  
Md. Fazlul Haque ◽  
Mohammad Badrul Alam Miah ◽  
Fuyad Al Masud

The security of web-based services currently plays a vital role for the software industry. In recent years, many technologies and standards have emerged in order to handle the security issues related to web services. This paper shows techniques to enhance the security of web services, and some of the recent challenges and recommendations of a proposed model to secure web services. It shows the security process of a real-life web application, which includes HTML5 forms, login security, and a single sign-on solution. This paper also aims to discuss the ten (10) most common web security vulnerabilities and how to protect the web application from three (3) of the vulnerabilities. Amongst them are SQL Injection, Cross-Site Scripting, and Broken Authentication and Session Management.


Author(s):  
Hilda Debora ◽  
Dwi Maryono ◽  
Rosihan Ari Yuana

Student attendance is one of the important aspects of the education process, used to assess the level of discipline of students and as an indicator of whether students need specific guidance related to attendance. This research aims to design a web-based information system with a RESTful web service architecture to help teachers check student attendance and recapitulate the recorded data more easily. This research uses the research and development (R&D) method and was implemented at SMK 2 Batik Surakarta. The system development method used in the information system is the Waterfall Model. The steps of the Waterfall Model consist of analysis, design, code, and test. The end result of this research is the feasibility of the system: testing on the aspects of functionality yielded a value of 1 (good), while on the aspects of usability the percentage obtained was 81.47% (very high), so it can be inferred that this system is worth using.


Big Data ◽  
2016 ◽  
pp. 690-710
Author(s):  
Sungchul Lee ◽  
Ju-Yeon Jo ◽  
Yoohwan Kim

The Nevada Solar Energy-Water-Environment Nexus project collects a large amount of environmental data from a variety of sensors such as soil, atmosphere, biology, and ecology. Mostly, the environmental data is related to the development of renewable energy resources in the Nexus project. The environmental data can have an impact on other research fields if it can easily be shared with other researchers, students, teachers, and general users. Therefore, the Nevada Climate Change Portal (NCCP) site was created for the Nexus project with the purpose of sharing such data. However, there are some challenges to address in utilizing such data, collecting the data, and sharing the data among the users. In this research, the authors propose an Extended Web Service Architecture for solving these challenges. The authors implement Arduino instead of CR1000 as a collector due to its cost effectiveness. The authors also use a REST API to overcome the limitations of Arduino. Moreover, the authors experiment with popular Web-based data visualization tools such as Google Chart, Flex, OFC, and D3 to visualize NCCP data.



