Token based novel approach to web service security

Küçük Resim Yok

Tarih

2022

Dergi Başlığı

Dergi ISSN

Cilt Başlığı

Yayıncı

Erişim Hakkı

info:eu-repo/semantics/openAccess

Araştırma projeleri

Organizasyon Birimleri

Dergi sayısı

Özet

Web services and APIs (Application Programming Interface) are published publicly on the internet or privately for companies by their very nature. Especially many web services are published openly. This leads to security vulnerabilities. Moreover, since web services and APIs are accessible by everyone, a substantial amount of malicious requests are made to web services and APIs. This situation may cause unnecessary requests to the servers running the web services and consume resources as a consequence. Again, this leads to a security vulnerability. In this study, we propose a TOKEN (Digital Sign) based model that encrypts the SOAP (Simple Object Access Protocol) Envelope message against such situations. To that end, we created a new model as an alternative to the model used in many public projects as an alternative solution. Based on the results we have obtained; we have seen that the model we propose is much faster and more flexible than the classical WS-Security (Web Service Security) solutions without compromising security.

Açıklama

Anahtar Kelimeler

Web service security, Digitial sign, XAdES, SOAP, WSS-Prefix

Kaynak

Proc. of the International Conference on Electrical, Computer and Energy Technologies (ICECET)

WoS Q Değeri

Scopus Q Değeri

Cilt

Sayı

Künye

Cinci, M., Cerası, C.C. and Gültekin, M. (2022). Token based novel approach to web service security. Proc. of the International Conference on Electrical, Computer and Energy Technologies (ICECET), p.1-6.