Security for Web Services and Service-Oriented Architectures

Authors: Bertino, E., Martino, L., Paci, F., Squicciarini, A.

  • First book to cover research and existing or upcoming standards as well as platform-dependent functionalities
  • Covers all relevant standards such as XML Encryption, WS-Security, SAML, XACML, and related others, and puts them into a conceptual framework
  • Introduces a reference framework for future research and developments along security dimensions such as integrity, confidentiality, and availability
  • Main author (Bertino) received the prestigious IEEE Kanai award in 2005 for "pioneering and innovative research contributions to secure distributed systems"
see more benefits

Buy this book

eBook $59.99
price for USA
  • ISBN 978-3-540-87742-4
  • Digitally watermarked, DRM-free
  • Included format: PDF
  • ebooks can be used on all reading devices
  • Immediate eBook download after purchase
Hardcover $79.99
price for USA
  • ISBN 978-3-540-87741-7
  • Free shipping for individuals worldwide
  • Usually dispatched within 3 to 5 business days.
Softcover $79.99
price for USA
  • ISBN 978-3-642-42603-2
  • Free shipping for individuals worldwide
  • Usually dispatched within 3 to 5 business days.
About this book

Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms.

Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability.

This book will serve practitioners as a comprehensive critical reference on Web service standards, with illustrative examples and analyses of critical issues; researchers will use it as a state-of-the-art overview of ongoing research and innovative new directions; and graduate students will use it as a textbook on advanced topics in computer and system security.

About the authors

Elisa Bertino is professor of Computer Science and Electrical and Computer Engineering, and research director of the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University. She has carried out extensive research on various security topics, such as foundations of access control systems, security for location-based applications, security for web services, digital identity management, data privacy, security and privacy for healthcare applications and for GIS; and has given numerous presentations and tutorials on these topics in scientific conferences. Recently, she recently received the IEEE Computer Society 2005 Kanai award for her research in security for distributed systems. She has also served as a member of the Microsoft Trustworthy Computing Academic Advisory Board.

Lorenzo D. Martino is visiting assistant professor at the Computer and Information Technology (C&IT) department of Purdue University and at the Cyber Center of the Purdue University. He has carried out research on trust negotiation techniques and security for web services.

Federica Maria Francesca Paci is a PhD Student at the University of Milan, Italy. Her main research interests include the development of access control models for constraint workflow systems, Web services access control models and secure distribution of XML documents. She has published several refereed journal and conference papers in these areas.

Anna Squicciarini is a post doctoral research associate in the Computer Science Department of Purdue University. She conducts research on security for distributed systems, with particular focus on trust management, identity management and access control for grids and Web Services. She has published several refereed journal and conference papers in these areas. She has been the main architect of the Trust-X system, an innovative system supporting trust negotiation in distributed open systems.

Reviews

From the reviews:

“This book deals exclusively with SOAP based Web services. … the book could serve as a good review and reference. … The book targets three distinct audiences, practitioners, students and researchers. … I suspect students and researchers will find the first half of this book a fast paced review or a somewhat useful reference, at best. The second half of the book contains material that might be more useful to students and researchers.” (Karthik Ramachandran, ACM Computing Reviews, September, 2010)

Table of contents (9 chapters)

  • Introduction

    Bertino, Elisa (et al.)

    Pages 1-8

  • Web Service Technologies, Principles, Architectures, and Standards

    Bertino, Elisa (et al.)

    Pages 9-23

  • Web Services Threats, Vulnerabilities, and Countermeasures

    Bertino, Elisa (et al.)

    Pages 25-44

  • Standards for Web Services Security

    Bertino, Elisa (et al.)

    Pages 45-77

  • Digital Identity Management and Trust Negotiation

    Bertino, Elisa (et al.)

    Pages 79-114

Buy this book

eBook $59.99
price for USA
  • ISBN 978-3-540-87742-4
  • Digitally watermarked, DRM-free
  • Included format: PDF
  • ebooks can be used on all reading devices
  • Immediate eBook download after purchase
Hardcover $79.99
price for USA
  • ISBN 978-3-540-87741-7
  • Free shipping for individuals worldwide
  • Usually dispatched within 3 to 5 business days.
Softcover $79.99
price for USA
  • ISBN 978-3-642-42603-2
  • Free shipping for individuals worldwide
  • Usually dispatched within 3 to 5 business days.
Loading...

Bibliographic Information

Bibliographic Information
Book Title
Security for Web Services and Service-Oriented Architectures
Authors
Copyright
2010
Publisher
Springer-Verlag Berlin Heidelberg
Copyright Holder
Springer-Verlag Berlin Heidelberg
eBook ISBN
978-3-540-87742-4
DOI
10.1007/978-3-540-87742-4
Hardcover ISBN
978-3-540-87741-7
Softcover ISBN
978-3-642-42603-2
Edition Number
1
Number of Pages
XII, 226
Topics