Web Services Security: Threats and Challenges

SKK Migas plans to apply end-to-end security based on Web Services Security (WS-Security) for Sistem Operasi Terpadu (SOT). However, there are no prototype or simulation results that can support the plan that has already been communicated to many parties. This paper proposes an experiment that performs PRODML data transfer using WS-Security by altering the WSDL to include encryption and digital signature. The experiment utilizes SoapUI, and successfully loaded PRODML WSDL that had been altered with WSP-Policy based on X.509 to transfer a SOAP message.

Download Full-text

Web Services Security and Threats: A Systematic Literature Review

2020 International Conference on ICT for Smart Society (ICISS) ◽

10.1109/iciss50791.2020.9307569 ◽

2020 ◽

Author(s):

Eriyanto Adhi Setyawan ◽

Fadhil Hidayat

Keyword(s):

Literature Review ◽

Web Services ◽

Systematic Literature Review ◽

Web Services Security

Download Full-text

A Framework for Enhancing Web Services Security

31st Annual International Computer Software and Applications Conference - Vol. 2 - (COMPSAC 2007) ◽

10.1109/compsac.2007.22 ◽

2007 ◽

Cited By ~ 11

Author(s):

Navya Sidharth ◽

Jigang Liu

Keyword(s):

Web Services ◽

Web Services Security

Download Full-text

Semantic matching of web services security policies

2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS) ◽

10.1109/crisis.2012.6378955 ◽

2012 ◽

Cited By ~ 2

Author(s):

Monia Ben Brahim ◽

Tarak Chaari ◽

Maher Ben Jemaa ◽

Mohamed Jmaiel

Keyword(s):

Web Services ◽

Security Policies ◽

Semantic Matching ◽

Web Services Security

Download Full-text

Security Frameworks for Open LBS Based on Web Services Security Mechanism

Parallel and Distributed Processing and Applications - ISPA 2005 Workshops - Lecture Notes in Computer Science ◽

10.1007/11576259_66 ◽

2005 ◽

pp. 609-618 ◽

Cited By ~ 1

Author(s):

Kiyoung Moon ◽

Namje Park ◽

Kyoil Chung ◽

Sungwon Sohn ◽

Jaecheol Ryou

Keyword(s):

Web Services ◽

Security Mechanism ◽

Web Services Security

Download Full-text

Web Services Security: Is the Problem Solved?

Information Systems Security ◽

10.1201/1086/44530.13.3.20040701/83066.4 ◽

2004 ◽

Vol 13 (3) ◽

pp. 22-31 ◽

Cited By ~ 12

Author(s):

Carlos Gutiérrez ◽

Eduardo Fernández-Medina ◽

Mario Piattini

Keyword(s):

Web Services ◽

Web Services Security

Download Full-text

Cyber security detection and monitoring at IHEP private cloud for web services

EPJ Web of Conferences ◽

10.1051/epjconf/201921407016 ◽

2019 ◽

Vol 214 ◽

pp. 07016 ◽

Cited By ~ 1

Author(s):

Tian Yan ◽

Shan Zeng ◽

Mengyao Qi ◽

Qingbao Hu ◽

Fazhi Qi

Keyword(s):

Web Services ◽

Cyber Security ◽

Security Threats ◽

Cloud Platform ◽

Private Cloud ◽

Data Store ◽

Open Source Data ◽

Source Data ◽

System Maintenance ◽

Security Incidents

To improve hardware utilization and save manpower in system maintenance, most of the web services in IHEP have been migrated to a private cloud build upon OpenStack. However, cyber security attacks becomes a serious threats to the cloud progressively. Therefore, a cyber security detection and monitoring system is deployed for this cloud platform. This system collects various security related logs as data sources, and processes them in a framework composed of open source data store, analysis and visualization tools. With this system, security incidents and events can be handled in time and rapid response can be taken to protect cloud platform against cyber security threats.

Download Full-text