Challenges in Securing ESB Against Web Service Attacks

Author(s):  
Rizwan Ur Rahman ◽  
Divya Rishi Sahu ◽  
Deepak Singh Tomar

Web services and Service oriented architecture are an innovative phase of distributed computing, built on top of the distributed computing models. Web services are being used mostly for the integration of business components. One of the key concerns in web services and service oriented architecture is the implementation of adequate security. Security issues in SOA are still probing and, in spite of an increase in web service research and development, many security challenges remain unanswered. This chapter introduces the vulnerabilities and threats associated with web services and addresses WS-Security standards and countermeasures. The web service protocol is designed to provide connectivity. None of these web service standards contains any inbuilt security aspect of its own. Web Services are exposed to attack from common Internet protocols, in addition to new categories of attacks targeting Web Services in particular. Consequently, the aim of this chapter is to provide a review of security mechanisms in web services.

2011 ◽  
Vol 20 (04) ◽  
pp. 357-370 ◽  
Author(s):  
D. PAULRAJ ◽  
S. SWAMYNATHAN ◽  
M. MADHAIYAN

One of the key challenges of the Service Oriented Architecture is the discovery of relevant services for a given task. In Semantic Web Services, service discovery is generally achieved by using the service profile ontology of OWL-S. Profile of a service is a derived, concise description and not a functional part of the semantic web service. There is no schema present in the service profile to describe the input, output (IO), and the IOs in the service profile are not always annotated with ontology concepts, whereas the process model has such a schema to describe the IOs which are always annotated with ontology concepts. In this paper, we propose a complementary sophisticated matchmaking approach which uses the concrete process model ontology of OWL-S instead of the concise service profile ontology. Empirical analysis shows that high precision and recall can be achieved by using the process model-based service discovery.


2014 ◽  
Vol 11 (2) ◽  
pp. 67-84 ◽  
Author(s):  
Tanveer Ahmed ◽  
Abhishek Srivastava

Service oriented architecture has revolutionized the way a traditional business process is executed. The success of this architecture is due to the composition of multiple heterogeneous services at runtime. Web service composition is a mechanism where several web services are combined at runtime to build a complex application for a user. It is one of the most sought after processes in the context of semantic web. But composition of web services at runtime is a difficult task owing to the availability of multiple service providers offering the same functionality. The process is exasperated by the conflicting preferences of a service consumer. In this paper, the authors address the issue of selecting a service based on Quality of Service (QoS) attributes. They utilize concepts customized from physics to create an environment that facilitates the selection of a best service from the set of similar services. The technique not only facilitates the selection of the service with the best QoS attributes, but distributes the load among expeditiously. Here in this paper, the authors concentrate on minimizing and equitably balancing the waiting time for a user. They conduct in silico experiments on multiple workflows to demonstrate the efficacy of the proposed technique to balance load efficiently among similar service offerings.


Author(s):  
Peishing Zhao ◽  
Genong Yu ◽  
Liping Di

As Web service technologies mature in recent years, a growing number of geospatial Web services designed to interoperate spatial information over the network have emerged. Geospatial Web services are changing the way in which spatial information systems and applications are designed, developed and deployed. This chapter introduces all aspects of geospatial Web services from service-oriented architecture to service implementation. It covers the life cycle of geospatial Web services in terms of geospatial interoperable standards, including publish, discovery, invocation and orchestration. To make geospatial Web services more intelligent, semantic issues about geospatial data and services are discussed here. Furthermore, the applications of standard-compliant geospatial Web service are also reviewed.


Complexity ◽  
2020 ◽  
Vol 2020 ◽  
pp. 1-17
Author(s):  
Ying Jin ◽  
Guangming Cui ◽  
Yiwen Zhang

Service-oriented architecture (SOA) is widely used, which has fueled the rapid growth of Web services and the deployment of tremendous Web services over the last decades. It becomes challenging but crucial to find the proper Web services because of the increasing amount of Web services. However, it proves unfeasible to inspect all the Web services to check their quality values since it will consume a lot of resources. Thus, developing effective and efficient approaches for predicting the quality values of Web services has become an important research issue. In this paper, we propose UIQPCA, a novel approach for hybrid User and Item-based Quality Prediction with Covering Algorithm. UIQPCA integrates information of both users and Web services on the basis of users’ ideas on the quality of coinvoked Web services. After the integration, users and Web services which are similar to the target user and the target Web service are selected. Then, considering the result of integration, UIQPCA makes predictions on how a target user will appraise a target Web service. Broad experiments on WS-Dream, a web service dataset which is widely used in real world, are conducted to evaluate the reliability of UIQPCA. According to the results of experiment, UIQPCA is far better than former approaches, including item-based, user-based, hybrid, and cluster-based approaches.


2014 ◽  
Vol 2014 ◽  
pp. 1-14 ◽  
Author(s):  
Hossein Nematzadeh ◽  
Homayun Motameni ◽  
Radziah Mohamad ◽  
Zahra Nematzadeh

Workflow-based web service compositions (WB-WSCs) are one of the main composition categories in service oriented architecture (SOA). Eflow, polymorphic process model (PPM), and business process execution language (BPEL) are the main techniques of the category of WB-WSCs. Due to the maturity of web services, measuring the quality of composite web services being developed by different techniques becomes one of the most important challenges in today’s web environments. Business should try to provide good quality regarding the customers’ requirements to a composed web service. Thus, quality of service (QoS), which refers to nonfunctional parameters, is important to be measured since the quality degree of a certain web service composition could be achieved. This paper tried to find a deterministic analytical method for dependability and performance measurement using Colored Petri net (CPN) with explicit routing constructs and application of theory of probability. A computer tool called WSET was also developed for modeling and supporting QoS measurement through simulation.


Author(s):  
L S RajivKrishna ◽  
Y Prasanth

Web services provide a distributed computing architecture, with an emerging way of service oriented architecture (SOA). Here service oriented architecture is an interface to both computer systems and web services, which implements an interaction with each other in new and different ways. According to service oriented architecture, it virtually provides a platform for web services to communicate with each other, as it was an easy way for communicating with both clients and services. Many organizations and companies are either evaluating themselves into enterprise information architectures, or they are in the process of adopting web services technology. As web services are platform independent, they are playing a major role in the enterprise environment, and currently web services are widely accepted by many companies and organizations. So commonly web services pose some challenges to the enterprise environment. As a part of it, a web service must be tested before it is published into a service oriented architecture. It involves a large number of test cases and test scenarios that take more time and effort. Testing management is needed so that it controls the time and effort and reduces the complexity of a web service in a large software system, also in a real time world. Automation testing faces these challenges and fixes these issues. Automation testing has the ability to handle the complexities which are experienced by web services in the current environment. This paper presents the automatic testing strategies of a web service and detects the problems between both manual and automation testing. Finally, results show the proper effective report on improving the visibility of the testing process based on the web approach to enhance the critical communication among multiple testing groups.


2017 ◽  
Vol 1 (2) ◽  
pp. 36
Author(s):  
Alfian Ardiyanta R ◽  
Imam Fahrur R ◽  
Rudy Ariyanto

An e-Commerce service is an application that can help merchants create an online shop. In building an e-Commerce service, one application architecture method that can be used is Service Oriented Architecture (SOA). SOA is a software development architecture technology with a service-based approach that makes connections and the exchange of data or information between parts easy, and it is a solution to the problems of data or information processing in an organization that keeps growing. Based on the SOA analysis of the e-Commerce service, 10 main services were produced: merchant service, login service, category service, product service, order service, confirmation payment service, customer service, setting service, bank account service, and blog service. In this research, the main services were designed and implemented in the e-Commerce service application using web services. The conclusion of this research is that, for an organization whose business processes keep changing and developing according to its needs, designing and implementing e-Commerce using Service Oriented Architecture based analysis and design with Web Services is highly appropriate.


2010 ◽  
Vol 7 (1) ◽  
pp. 1-21 ◽  
Author(s):  
Wei She ◽  
I-Ling Yen ◽  
Bhavani Thuraisingham

In recent years, security issues in web service environments have been widely studied and various security standards and models have been proposed. However, most of these standards and models focus on individual web services and do not consider the security issues in composite services. In this article, the authors propose an enhanced security model to control the information flow in service chains. It extends the basic web service security models by introducing the concepts of delegation and pass-on. Based on these concepts, new certificates, certificate chains, delegation and pass-on policies, and how they are used to control the information flow are discussed. The authors also introduce a case study from a healthcare information system to illustrate the protocols.


Author(s):  
Bassam Al-Shargabi ◽  
Omar Sabri

The motivation behind this chapter is that Service Oriented Architecture is used to compose an application as a set of services that are language and platform independent and communicate with each other. Therefore, user preference rules in the web service composition process play a crucial role and have opened a wide spectrum of challenges. In this chapter, an agent for composing web services based on user preferences was introduced to fulfill a certain process, where the user preferences are essential for determining which web services are to be selected. In other words, the agent is designed to maintain the following functions: an intelligent web services selection and planning based on user preferences (such as price or availability), along with web services execution, tracking and adaptation.


Author(s):  
Wei She ◽  
I-Ling Yen ◽  
Bhavani Thuraisingham

In recent years, security issues in web service environments have been widely studied and various security standards and models have been proposed. However, most of these standards and models focus on individual web services and do not consider the security issues in composite services. In this article, the authors propose an enhanced security model to control the information flow in service chains. It extends the basic web service security models by introducing the concepts of delegation and pass-on. Based on these concepts, new certificates, certificate chains, delegation and pass-on policies, and how they are used to control the information flow are discussed. The authors also introduce a case study from a healthcare information system to illustrate the protocols.

