Message Level Security Realization in Web Services Using AES and Diffie Hellman Key Exchange
|
Title | Message Level Security Realization in Web Services Using AES and Diffie Hellman Key Exchange |
Authors | |
Abstract | Major usage of Internet elevates the significance of web services, which in turn makes web service security a very challenging issue. Web Service uses SOAP to exchange information; although SOAP guarantees XML security, XML is still liable to attacks like XML rewriting, XML bombing, external entry attack, denial of service etc. Hence providing security at the message level seems to be important with respect to web services. This proposed work provides a method to enhance the security of the web service at message level by encrypting the SOAP message using AES, with the help of shared key generated using Diffie Hellman key exchange mechanism. The key exchange is implemented as service and a digital signature handler is provided to enable a secured key exchange and is done well before the SOAP message generation. The main feature of this proposed system is that the variable keys are used for encryption each time the request is sent which prevents hacking of messages in application invoking web services. |
Publisher | World Science Publisher |
Date | 2012-03-18 |
Source | 2166-2924 |
Rights | Copyright NoticeProposed Creative Commons Copyright Notices1. Proposed Policy for Journals That Offer Open AccessAuthors who publish with this journal agree to the following terms:Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work´s authorship and initial publication in this journal.Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal´s published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).Proposed Policy for Journals That Offer Delayed Open AccessAuthors who publish with this journal agree to the following terms:Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work´s authorship and initial publication in this journal.Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal´s published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access). |