Security in Web services
LE3 .A278 2005
Master of Science
With the fast growth of Internet-based distributed applications and the associated increase of computer crime opportunities, security is now recognized as one of the most fundamental issues for the computer industry. Web Services is an emerging model of Web-based applications, which makes the interconnection, communication, and interoperability among different devices and applications more convenient. Because Web Services applications run over the open, untrustworthy Internet, security for Web Services is a necessity and should be deployed to provide service providers and service requestors with quality of protection. This thesis first reviews fundamental security technologies and Web Services. Then, it describes the design and implementation of security extensions for a very widely used Web Services platform, Glue. These security extensions enable Glue-based Web Services applications to perform hybrid encryptions on messages and utilize XKMS services to locate/validate certificates. An online bookstore system is created as a proof-of-concept illustration of how to build a secure Web Services application based on the Glue platform and its security extensions.
The author grants permission to the University Librarian at Acadia University to reproduce, loan or distribute copies of my thesis in microform, paper or electronic formats on a non-profit basis. The author retains the copyright of the thesis.