Security concerns regarding a federative web service

Abstract

In a continuously increasing demand for rapid access to information, the web services represent affordable instruments. The technology is available for numerous software platforms. The need to share sensitive information between authorized entities, using global area networks, and not exclusively a dedicated, hardware separated channel, fosters the risk for malicious attacks. The current paper proposes an analysis of the security risks reported by past and ongoing research regarding data transfer using WaterML/XML. The analysis is extended to an existing federation of water associated SCADAs on the Someş river (F2S), using web services, data access separation and SSL-encrypted communication, among other security resolutions.