Towards secure web services: Performance analysis, decision making and steganography approaches

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value

A look at cloud architecture interoperability through standards

Enabling cloud infrastructures to evolve into a transparent platform while preserving integrity raises interoperability issues. How components are connected needs to be addressed. Interoperability requires standard data models and communication encoding technologies compatible with the existing Internet infrastructure. To reduce vendor lock-in situations, cloud computing must implement universal strategies regarding standards, interoperability and portability. Open standards are of critical importance and need to be embedded into interoperability solutions. Interoperability is determined at the data level as well as the service level. Corresponding modelling standards and integration solutions shall be analysed

IAMS framework: a new framework for acceptable user experiences for integrating physical and virtual identity access management systems

The modern world is populated with so many virtual and physical Identity Access Management Systems (IAMSs) that individuals are required to maintain numerous passwords and login credentials. The tedious task of remembering multiple login credentials can be minimised through the utilisation of an innovative approach of single sign-in mechanisms. During recent times, several systems have been developed to provide physical and virtual identity management systems; however, most have not been very successful. Many of the available systems do not provide the feature of virtual access on mobile devices via the internet; this proves to be a limiting factor in the usage of the systems. Physical spaces, such as offices and government entities, are also favourable places for the deployment of interoperable physical and virtual identity management systems, although this area has only been explored to a minimal level. Alongside increasing the level of awareness for the need to deploy interoperable physical and virtual identity management systems, this paper addresses the immediate need to establish clear standards and guidelines for successful integration of the two medium

The role in enabling government to organize and operate itself in a more efficient and cost effective manner by using the information technology

This paper illustrates the value of interoperability in the delivery of Government e-services: Governmentto- Government, business-to-Government and citizen-to-Government. It describes the many issues involved in achieving successful interoperability programs—together with the tools, technologies and standards that help make this possible.The information technology, the delivery of Government e-services, successful interoperability programs

MOSAIC roadmap for mobile collaborative work related to health and wellbeing.

The objective of the MOSAIC project is to accelerate innovation in Mobile Worker Support Environments. For that purpose MOSAIC develops visions and illustrative scenarios for future collaborative workspaces involving mobile and location-aware working. Analysis of the scenarios is input to the process of road mapping with the purpose of developing strategies for R&D leading to deployment of innovative mobile work technologies and applications across different domains. One of the application domains where MOSAIC is active is health and wellbeing. This paper builds on another paper submitted to this same conference, which presents and discusses health care and wellbeing specific scenarios. The aim is to present an early form of a roadmap for validation

Towards Grid Interoperability

The Grid paradigm promises to provide global access to computing resources, data storage and experimental instruments. It also provides an elegant solution to many resource administration and provisioning problems while offering a platform for collaboration and resource sharing. Although substantial progress has been made towards these goals, nevertheless there is still a lot of work to be done until the Grid can deliver its promises. One of the central issues is the development of standards and Grid interoperability. Job execution is one of the key capabilities in all Grid environments. This is a well understood, mature area with standards and implementations. This paper describes some proof of concept experiments demonstrating the interoperability between various Grid environments

Alcuni abstract di articoli che trattano argomenti relativi all'eHealth

Non utile per esam

A commentary on standardization in the Semantic Web, Common Logic and MultiAgent Systems

Given the ubiquity of the Web, the Semantic Web (SW) offers MultiAgent Systems (MAS) a most wide-ranging platform by which they could intercommunicate. It can be argued however that MAS require levels of logic that the current Semantic Web has yet to provide. As ISO Common Logic (CL) ISO/IEC IS 24707:2007 provides a firstorder logic capability for MAS in an interoperable way, it seems natural to investigate how CL may itself integrate with the SW thus providing a more expressive means by which MAS can interoperate effectively across the SW. A commentary is accordingly presented on how this may be achieved. Whilst it notes that certain limitations remain to be addressed, the commentary proposes that standardising the SW with CL provides the vehicle by which MAS can achieve their potential.</p