2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops) (2005)
Jan. 31, 2005 to Feb. 4, 2005
Kojiro Nakayama , Hitachi, Ltd.
Takeshi Ishizaki , Hitachi, Ltd.
Michiko Oba , Hitachi, Ltd.
<p>Web Services Security (WS-Security) is a specification that protects SOAP messages to ensure end-to-end security for web services. WS-Security was approved as the OASIS standard in April 2004 and the first stage of standardization has been completed. Although the interoperability of WS-Security itself has been examined, business applications of WS-Security have not yet been fully investigated. Applying WS-Security to actual businesses is the next step.</p> <p>We conducted a large-scale demonstration experiment with web services using a travel industry model. We applied WS-Security to travel booking transactions and succeeded in ensuring end-to-end security by signing and encrypting credit card numbers. We give an overview of the experiment, point out the problems experienced and provide a possible solution. The experiment revealed that problems still remain with respect to communication via an intermediary.</p>
Web services, Security, WS-Security
T. Ishizaki, M. Oba and K. Nakayama, "Application of Web Services Security Using Travel Industry Model," 2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)(SAINT-W), Trento, Italy, 2005, pp. 358-361.