An Alternative Solution to Https for Secure Access to Web Services

Cristina Livia Iancu

Abstract


This paper presents a solution for accessing web services in a light-secure way. Because the payload of the messages is not so sensitive, it is taken care only about protecting the user name and the password used for authentication and authorization into the web services system. The advantage of this solution compared to the common used SSL is avoiding the overhead related to the handshake and encryption, providing a faster response to the clients. The solution is intended for Windows machines and is developed using the latest stable Microsoft technologies.

Keywords


Security Solution Avoiding Https, Intermediate Security Level, Safe Communication, Web Services, Web Authentication System

Full Text:

Untitled () PDF

References


Karl E. Wieger, Software Requirements, 2nd Edition, Microsoft Press, 2003, ISBN 0-7356-1879-8

on-line documentation for SoapUI:

http://www.soapui.org/About-SoapUI/what-is-soapui.html

on-line documentation for Wireshark:

http://www.wireshark.org/about.html

on-line documentation for WinpkFilter:

http://www.ntkernel.com/wpfk-help/whatis.htm

Prabhaker Mateti, Security in Distributed and Networking Systems, World Scientific Publishing Co. Pte. Ltd., ISBN-13: 978-981-270-807-6, Vol.1, Chapter 1

Ion Bica, PhD, CISA, TCP/IP networks basics, from Network Security1st year lectures, 2011

Charles M. Kozierok, TCP/IP Guide, 2003-2010:http://www.tcpipguide.com

T. Berners-Lee, R. Fielding, H. Frystyk, May 1996, RFC 1945, Hypertext Transfer Protocol -- HTTP/1.0: http://tools.ietf.org/html/rfc1945


Refbacks

  • There are currently no refbacks.


Journal of Mobile, Embedded and Distributed Systems (JMEDS) ISSN: 2067 – 4074 (online)