Web service registration and routing system and inter web proxy service model prevents the message alteration attacks, man-in-the middle attacks

Abstract

In this paper, an architectural framework for Web Service Security System that secures Web services effectively from message alteration attacks, Man-in-the Middle (MIM) attacks and Denial of Service (DoS) attacks has been proposed and implemented. This proposed system provides intelligent mechanisms for effective detection and preventions of message alteration attacks at message level, man-in-the middle attacks at transport level and denial of service attacks at application level. For this purpose, new approaches have been proposed for intelligent identification of the services requested by the user to the service provider. Moreover, new agents called requester agent and provider agent have been deployed for effective communication between the service requester and the service provider. An encryption mechanism and digital signature generation is incorporated to secure the Simple Object Access Protocol (SOAP) message over communication between the client and the server. The new approach proposed in this research work called Web Service Registration and Routing System and Inter Proxy Web Service that effectively prevents the message alteration attacks, Man-in-the Middle attacks and other types of attacks in order to secure Web service at message level. Also, new agents are such as requester agent and provider agent have been deployed at the client and server side respectively. These two agents are responsible for effective monitoring and controlling of various messages and attacks at the message level. In addition to this, a security token is created for each user request to verify the validity of the service provider and service requester for effective and secured communication. This system also provides a new approach for the intelligent prevention of Man-in-the Middle attack and Denial of Service attack in Web services.