SOAP-based Secure Conversation and Collaboration

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Mohammad Ashiqur Rahaman Articles by Andreas Schaad

IEEE International Conference on Web Services (ICWS 2007)

Salt Lake City, Utah, USA

July 09-July 13

ISBN: 0-7695-2924-0

	ASCII Text	x
	Mohammad Ashiqur Rahaman, Andreas Schaad, "SOAP-based Secure Conversation and Collaboration," Web Services, IEEE International Conference on, pp. 471-480, IEEE International Conference on Web Services (ICWS 2007), 2007.

	BibTex	x
	@article{ 10.1109/ICWS.2007.167, author = {Mohammad Ashiqur Rahaman and Andreas Schaad}, title = {SOAP-based Secure Conversation and Collaboration}, journal ={Web Services, IEEE International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2924-0}, pages = {471-480}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.167}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Web Services, IEEE International Conference on TI - SOAP-based Secure Conversation and Collaboration SN - 0-7695-2924-0 SP471 EP480 A1 - Mohammad Ashiqur Rahaman, A1 - Andreas Schaad, PY - 2007 KW - null VL - 0 JA - Web Services, IEEE International Conference on ER -

Mohammad Ashiqur Rahaman, SAP Research, France

Andreas Schaad, SAP Research, France

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.167

Web services in different trust boundaries interact with each other via SOAP messages to realize functionality in a collaborative environment. Exchanging SOAP messages for remote service invocation has gained wide acceptance among web service developers. Several web service security standards are widely deployed aiming at securing exchanges of a single SOAP message and a conversation of SOAP messages among partners in a collaborative environment. Concerns have been raised about the possibility of XML rewriting attacks within this context and their early detection.

In this paper, we demonstrate such possible attacks with respect to WS* policy based scenarios to set a security context and to use a security context for conversations of SOAP messages. We show how our proposed SOAP Account [21] solution could be applied for early detection of XML rewriting attacks, specifically regarding secure SOAP-based conversations. A simulation-based performance analysis and comparison of our SOAP Account approach vs. a WS* policy based approach complements our observations.

Citation:

Mohammad Ashiqur Rahaman, Andreas Schaad, "SOAP-based Secure Conversation and Collaboration," icws, pp.471-480, IEEE International Conference on Web Services (ICWS 2007), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.