749 research outputs found

    Protecting web services with service oriented traceback architecture

    Service oriented architecture (SOA) is a way of reorganizing software infrastructure into a set of service abstracts. In the area of applying SOA to Web service security, there have been some well defined security dimensions. However, current Web security systems, like WS-Security are not efficient enough to handle distributed denial of service (DDoS) attacks. Our new approach, service oriented traceback architecture (SOTA), provides a framework to be able to identify the source of an attack. This is accomplished by deploying our defence system at distributed routers, in order to examine the incoming SOAP messages and place our own SOAP header. By this method, we can then use the new SOAP header information, to traceback through the network the source of the attack. According to our experimental performance evaluations, we find that SOTA is quite scalable, simple and quite effective at identifying the source.

    Cloud Computing Security for Organizations using Live Signature – TPALM Printing Client Service

    Cloud is taking over the computing environment in both public as well as private sector. This has increased the use of service-oriented architecture (SOA) for the development of services later deployed in the Cloud. This paper presents a Cloud Security algorithm using SOA 3.0 for secured transactions on the data, which usually governments of countries like USA International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR) requires to be utilized and distributed only within United States by security cleared personnel only. In this paper, we describe a novel algorithm and corresponding cloud service as Cloud Monitoring Gateway (CMG). The current service prototype simulates the behavior of actual Cloud Security Gateway Application (CSGA) using the algorithm called as TPALM (The Privacy Authentication Latency Management). This simulation is coarse-grained, but is capable of measuring the privacy authentication on the given variables of a legit user. We also present an evaluation of this service utilization on actual data.

    From Service-Oriented Architecture To Cloud Computing

    Cloud computing resembles a new paradigm of technology. It suggests deploying technology services without owning the infrastructure behind them. It also releases the burden of maintaining an adequate environment and quality and focusing on the business competency. Service-Oriented Architecture (SOA) is a technology outlook that enables approaching cloud computing. In this paper, we reviewed the main feature of SOA. The main migration from SOA to cloud computing is discussed. Main features and characteristics of cloud computing are presented.

    Secured Web Services Specifications

    The proliferation of XML based web services in the IT industry not only gives rise to opportunities but challenges too. Namely the challenges of security and a standard way of maintaining it across domains and organisational boundaries. OASIS, W3C and other organisations have done some great work in bringing about this synergy. What I look at in this paper are some of the more popular standards in vogue today and clubbed under WS-* specification. I will try to give an overview of various frameworks and protocols being used to keep webservices secure. Some of the major protocols looked into are WS-Security, SAML, WS-Federation, WS-Trust, XMLEncryption and Signature. This paper will give you a brief introduction to impact of using WS-* on time complexity due to the extra load of encrypting and certificates. Windows communication foundation (WCF) is one of the best designed toolsets for this though WCF is not the topic of discussion in this paper.

    Distributed Software Development Tools for Distributed Scientific Applications

    This chapter provides a new methodology and two tools for user-driven Wikinomics-oriented scientific applications’ development. Service-oriented architecture for such applications is used, where the entire research supporting computing or simulating process is broken down into a set of loosely coupled stages in the form of interoperating replaceable Web services that can be distributed over different clouds. Any piece of the code and any application component deployed on a system can be reused and transformed into a service. The combination of service-oriented and cloud computing will indeed begin to challenge the way of research supporting computing development, the facilities of which are considered in this chapter.

    End-to-end security in service-oriented architecture

    A service-oriented architecture (SOA)-based application is composed of a number of distributed and loosely-coupled web services, which are orchestrated to accomplish a more complex functionality. Any of these web services is able to invoke other web services to offload part of its functionality. The main security challenge in SOA is that we cannot trust the participating web services in a service composition to behave as expected all the time. In addition, the chain of services involved in an end-to-end service invocation may not be visible to the clients. As a result, any violation of client’s policies could remain undetected. To address these challenges in SOA, we proposed the following contributions. First, we devised two composite trust schemes by using graph abstraction to quantitatively maintain the trust levels of different services. The composite trust values are based on feedbacks from the actual execution of services, and the structure of the SOA application. To maintain the dynamic trust, we designed the trust manager, which is a trusted-third party service. Second, we developed an end-to-end inter-service policy monitoring and enforcement framework (PME framework), which is able to dynamically inspect the interactions between services at runtime and react to the potentially malicious activities according to the client’s policies. Third, we designed an intra-service policy monitoring and enforcement framework based on taint analysis mechanism to monitor the information flow within services and prevent information disclosure incidents. Fourth, we proposed an adaptive and secure service composition engine (ASSC), which takes advantage of an efficient heuristic algorithm to generate optimal service compositions in SOA. The service compositions generated by ASSC maximize the trustworthiness of the selected services while meeting the predefined QoS constraints. Finally, we have extensively studied the correctness and performance of the proposed security measures based on a realistic SOA case study. All experimental studies validated the practicality and effectiveness of the presented solutions.