Security for Web Services and Service-Oriented Architectures
Bertino, E., Martino, L., Paci, F., Squicciarini, A.
2010, XII, 226 p.
Springer eBooks may be purchased by end-customers only and are sold without copy protection (DRM free). Instead, all eBooks include personalized watermarks. This means you can read the Springer eBooks across numerous devices such as Laptops, eReaders, and tablets.
You can pay for Springer eBooks with Visa, Mastercard, American Express or Paypal.
After the purchase you can directly download the eBook file or read it online in our Springer eBook Reader. Furthermore your eBook will be stored in your MySpringer account. So you can always re-download your eBooks.
First book to cover research and existing or upcoming standards as well as platform-dependent functionalities
Covers all relevant standards such as XML Encryption, WS-Security, SAML, XACML, and related others, and puts them into a conceptual framework
Introduces a reference framework for future research and developments along security dimensions such as integrity, confidentiality, and availability
Main author (Bertino) received the prestigious IEEE Kanai award in 2005 for "pioneering and innovative research contributions to secure distributed systems"
Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms.
Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability.
This book will serve practitioners as a comprehensive critical reference on Web service standards, with illustrative examples and analyses of critical issues; researchers will use it as a state-of-the-art overview of ongoing research and innovative new directions; and graduate students will use it as a textbook on advanced topics in computer and system security.
Content Level »Professional/practitioner
Keywords »Access Control - BPEL - Information Security - SAML - SOA - Service-Oriented Architecture - WSDL - Web Services - Workflow - XML - identity management - language - organization - security - standards