An Alternative Solution to Https for Secure Access to Web Services

Authors

  • Cristina Livia Iancu Bucharest University of Economic Studies

Keywords:

Security Solution Avoiding Https, Intermediate Security Level, Safe Communication, Web Services, Web Authentication System

Abstract

This paper presents a solution for accessing web services in a light-secure way. Because the payload of the messages is not so sensitive, it is taken care only about protecting the user name and the password used for authentication and authorization into the web services system. The advantage of this solution compared to the common used SSL is avoiding the overhead related to the handshake and encryption, providing a faster response to the clients. The solution is intended for Windows machines and is developed using the latest stable Microsoft technologies.

Author Biography

Cristina Livia Iancu, Bucharest University of Economic Studies

IT&C Security Master

References

Karl E. Wieger, Software Requirements, 2nd Edition, Microsoft Press, 2003, ISBN 0-7356-1879-8

on-line documentation for SoapUI:

http://www.soapui.org/About-SoapUI/what-is-soapui.html

on-line documentation for Wireshark:

http://www.wireshark.org/about.html

on-line documentation for WinpkFilter:

http://www.ntkernel.com/wpfk-help/whatis.htm

Prabhaker Mateti, Security in Distributed and Networking Systems, World Scientific Publishing Co. Pte. Ltd., ISBN-13: 978-981-270-807-6, Vol.1, Chapter 1

Ion Bica, PhD, CISA, TCP/IP networks basics, from Network Security1st year lectures, 2011

Charles M. Kozierok, TCP/IP Guide, 2003-2010:http://www.tcpipguide.com

T. Berners-Lee, R. Fielding, H. Frystyk, May 1996, RFC 1945, Hypertext Transfer Protocol -- HTTP/1.0: http://tools.ietf.org/html/rfc1945

Downloads

Published

2012-06-30

How to Cite

Iancu, C. L. (2012). An Alternative Solution to Https for Secure Access to Web Services. Journal of Mobile, Embedded and Distributed Systems, 4(2), 80-95. Retrieved from http://jmeds.eu/index.php/jmeds/article/view/64