New proposed method for web services security

Abstract EN

The Web service security challenge is to understand and assess the risk involved in securing a web-based service today, based on (>٧١• existing security technology, and at the same time track emerging standards and understand how they will be used to offset the risk in new web services.

Any security model must illustrate how data ean How through an application and network topology to meet the requirei^ents defined by the business without exposing the data to undue risk.

In this paper we propose a mcchanism for the client to provide authentication data, based ٠١٦ the serviec definition , and for the service provider to retrieve those data.

We also show' how XML digital Signatures and encryption can be exploited to achieve a level of trust.s