PKI and UDDI based trust centre: An attempt to improve web service security

2009 International Conference for Internet Technology and Secured Transactions, (ICITST) Pub Date : 2009-11-01 DOI:10.1109/ICITST.2009.5402549

W. Rekik, Maher Khemakhem, A. Belghith, J. Fayolle

{"title":"PKI and UDDI based trust centre: An attempt to improve web service security","authors":"W. Rekik, Maher Khemakhem, A. Belghith, J. Fayolle","doi":"10.1109/ICITST.2009.5402549","DOIUrl":null,"url":null,"abstract":"Nowadays Internet becomes the most used tool for the ever increasing amount of various transactions between institutions, organizations and more generally between clients and providers. Conducted studies and experiments showed that it is more convenient to provide and achieve these transactions as web services (WS) to guarantee their flexibility and their reuse. So far these services and the corresponding providers' URLs are advertised on specific UDDIs (Universal Description, Discovery and Integration). As such, after finding the requested service any given client contacts the right provider to negotiate the service access procedure. These first contacts between clients and providers are usually and commonly not protected (Encrypted) yielding enough room for Hackers to intrude into these unprotected messages. In this paper, we propose a securing approach based on both the PKI infrastructure and some proposed improvements of the UDDI functioning in an attempt to provide adequate security for web services.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"108 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITST.2009.5402549","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Nowadays Internet becomes the most used tool for the ever increasing amount of various transactions between institutions, organizations and more generally between clients and providers. Conducted studies and experiments showed that it is more convenient to provide and achieve these transactions as web services (WS) to guarantee their flexibility and their reuse. So far these services and the corresponding providers' URLs are advertised on specific UDDIs (Universal Description, Discovery and Integration). As such, after finding the requested service any given client contacts the right provider to negotiate the service access procedure. These first contacts between clients and providers are usually and commonly not protected (Encrypted) yielding enough room for Hackers to intrude into these unprotected messages. In this paper, we propose a securing approach based on both the PKI infrastructure and some proposed improvements of the UDDI functioning in an attempt to provide adequate security for web services.

查看原文本刊更多论文

基于PKI和UDDI的信任中心:改进web服务安全性的尝试

如今，互联网成为机构、组织之间以及更广泛的客户和供应商之间不断增加的各种交易的最常用工具。进行的研究和实验表明，以web服务(WS)的形式提供和实现这些事务更方便，以保证其灵活性和可重用性。到目前为止，这些服务和相应提供者的url都是在特定的uddi(通用描述、发现和集成)上发布的。因此，在找到所请求的服务之后，任何给定的客户机都要联系正确的提供者来协商服务访问过程。客户端和提供商之间的这些第一次接触通常是不受保护的(加密的)，这给黑客提供了足够的空间来侵入这些未受保护的消息。在本文中，我们提出了一种基于PKI基础设施和UDDI功能改进的安全方法，试图为web服务提供足够的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2009 International Conference for Internet Technology and Secured Transactions, (ICITST)

自引率

0.00%

发文量