Web services based on the eXtensible Markup Language (XML), the Simple Object
Access Protocol (SOAP), and related standards, and deployed in Service-Oriented
Architectures (SOA), are the key to Web-based interoperability for applications
within and across organizations. It is crucial that the security of services and
their interactions with users is ensured if Web services technology is to live
up to its promise. However, the very features that make it attractive . such as
greater and ubiquitous access to data and other resources, dynamic application
configuration and reconfiguration through workflows, and relative autonomy .
conflict with conventional security models and mechanisms.
Elisa Bertino and her coauthors provide a comprehensive guide to security for
Web services and SOA. They cover in detail all recent standards that address Web
service security, including XML Encryption, XML Signature, WS-Security, and WS-
SecureConversation, as well as recent research on access control for simple and
conversation-based Web services, advanced digital identity management techniques,
and access control for Web-based workflows. They explain how these implement
means for identification, authentication, and authorization with respect to
security aspects such as integrity, confidentiality, and availability.
This book will serve practitioners as a comprehensive critical reference on Web
service standards, with illustrative examples and analyses of critical issues;
researchers will use it as a state-of-the-art overview of ongoing research and
innovative new directions; and graduate students will use it as a textbook on
advanced topics in computer and system security.
http://www.amazon.com/Security-Web-Services-Service-Oriented-Architectures/dp/354087741X
Download File Size:2.92 MB