Towards secure web services: Performance analysis, decision making and steganography approaches

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value

Towards secure web services : performance analysis, decision making and steganography approaches

Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Keeping children within the family: Changing patterns in the use of special guardianship orders

Special Guardianship Orders (SGOs) provide family courts with an alternative to adoption, typically through permanent placement within the extended family. Using court administrative data, this study charts the use of SGOs as a way of promoting stability and recovery for these vulnerable children who cannot remain safely with their parents. The study cohort is based on administrative population data produced routinely by Cafcass and accessed via the Secure Anonymised Information Linkage (SAIL) Databank at Swansea University. The unit of analysis is children subject to s.31 care and supervision proceedings in England between 2007/08 and 2021/22, providing a retrospective observational window of fifteen years. Descriptive statistics were used to compare SGOs to other permanency final legal orders (placement, child arrangements, supervision and no order), and survival modelling was employed to look at stability over time and return to court. Finally, regional and over time variations in the data were examined. The percentage of children placed on a SGO as a proportion of all children subject to s.31 proceedings rose from 12% to 18% between 2011/12 and 2021/22. Over the same period the percentage of children with a placement order that frees the way for adoption fell from 24% to 14%. This shift in pattern was more pronounced than for any other legal order we examined for children unable to remain with birth parents. The highest usage per region was in the North East and London and the lowest was in the Midlands. We estimate that 9% of children on SGOs would return to court within 10 years. Older children (5-17 years old) were more likely to return to court after SGOs than younger children. The study showed that SGOs have become a main route out of public care, outstripping the use of placement orders. These findings have major implications for policy and practice. They demonstrate that special guardianship provides a stable and sustainable permanency option for children unable to remain with their birth parents

The adoption paradox: Exploring the role of ethnicity, deprivation, and co-ethnic density in care proceedings in England

The study objectives were to (1) examine the association between children’s ethnicity and final legal orders at the end of family care proceedings (section 31 of the 1989 Children Act), and (2) test whether residential context, such as co-ethnic density and area-level deprivation, moderates this association. Two sources of data were used for this study. The first consisted of records routinely generated by Cafcass (England) and stored in the Secure Anonymised Information Linkage (SAIL) databank, and the second was the 2021 England Census. The focus was on children whose initial care proceedings took place between 2015/2016 and 2020/2021 and concluded with a recorded final legal order outcome (N = 98,161). Three-level logistic regression models were employed to estimate the relationship between children's ethnicity and adoption, along with the potential moderating effects of co-ethnic density and area-level deprivation. Children's ethnicity is significantly associated with placement for adoption, with white children being more likely to be subject to placement orders compared to children from all other ethnic groups combined (Asian, black, mixed or multiple, and other ethnic groups). Higher local authority co-ethnic density considerably reduces the likelihood of adoption for children of other ethnicities besides white, but not for white children. Moreover, white children living in the most deprived LSOAs are more likely to be placed for adoption than those residing in the least deprived LSOAs. However, the likelihood of placement for adoption remains consistent across all LSOA deprivation quintiles for children from ethnicities other than white. Local authority-level deprivation does not appear to moderate the relationship between children's ethnicity and adoption. This study sheds light on the intricate relationship between ethnicity, residential context, and adoption. While previous research has indicated that white children are more likely to be adopted, the findings enhance our understanding of the underlying mechanisms influencing adoption, paving the way for a more equitable family justice system

Adults in private family law proceedings in Wales: characteristics and vulnerabilities.

Objectives Private law children cases are disputes, usually between parents after relationship breakdown, about arrangements for a child’s upbringing, such as where they should live and/or who they should see. To inform policy and practice, more information is needed about the families involved, including their characteristics, circumstances and vulnerabilities. Approach This paper presents findings from research by the Family Justice Data Partnership – a collaboration between Lancaster and Swansea Universities – funded by the Nuffield Family Justice Observatory. Anonymised routinely-collected, individual-level, population-scale family justice data from Cafcass Cymru was linked with hospital and GP records, within the Secure Anonymised Information Linkage (SAIL) Databank for 18,653 adults involved in private law proceedings in Wales between 2014/15 and 2019/20 and a comparison group of 186,470 adults not involved in court proceedings, matched on age, gender, deprivation. The proportion of adults in the two groups with several health-related vulnerabilities recorded was compared. Results Adults involved in private law proceedings were found to have higher prevalence of mental health problems, substance use, self-harm and exposure to domestic violence and abuse than the matched comparison group. Both men and women involved in private law proceedings were between two and three times as likely to have anxiety and depression than their peers in the comparison group. Almost 1 in 6 (15.3%) cohort women and more than 1 in 10 cohort men (10.7%) had a history of self-harm, again indicating a level of vulnerability more than double that observed in the comparison group. The research also revealed greater overall use of healthcare services by adults in private law proceedings, with the largest differences seen in the need for emergency health care. Conclusion This research has uncovered the heightened needs and vulnerabilities of both women and men involved in private family law applications. The findings have important implications for the family justice system, and for health and other services, and need to be considered in relation to the current programme of reform