Token based novel approach to web service security
Küçük Resim Yok
Tarih
2022
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
Erişim Hakkı
info:eu-repo/semantics/openAccess
Özet
Web services and APIs (Application Programming Interface) are published publicly on the internet or privately for companies by their very nature. Especially many web services are published openly. This leads to security vulnerabilities. Moreover, since web services and APIs are accessible by everyone, a substantial amount of malicious requests are made to web services and APIs. This situation may cause unnecessary requests to the servers running the web services and consume resources as a consequence. Again, this leads to a security vulnerability. In this study, we propose a TOKEN (Digital Sign) based model that encrypts the SOAP (Simple Object Access Protocol) Envelope message against such situations. To that end, we created a new model as an alternative to the model used in many public projects as an alternative solution. Based on the results we have obtained; we have seen that the model we propose is much faster and more flexible than the classical WS-Security (Web Service Security) solutions without compromising security.
Açıklama
Anahtar Kelimeler
Web service security, Digitial sign, XAdES, SOAP, WSS-Prefix
Kaynak
Proc. of the International Conference on Electrical, Computer and Energy Technologies (ICECET)
WoS Q Değeri
Scopus Q Değeri
Cilt
Sayı
Künye
Cinci, M., Cerası, C.C. and Gültekin, M. (2022). Token based novel approach to web service security. Proc. of the International Conference on Electrical, Computer and Energy Technologies (ICECET), p.1-6.