Abstract | ||
---|---|---|
Web service technologies have been widely used in diverse applications. However, there are still many security challenges in reliability, confidentiality and data nonrepudiation, which are prominent especially in some Web service systems that have massive resources in diverse forms. An enhanced mechanism for secure accesses of Web resources is presented and implemented based on the combination of modules of identity authentication, authorized access, and secure transmission to improve the security level of these systems. In the identity authentication, the highly safe and recognized authentication method U-Key is used. For the aspect of authorized access, the integration of an improved Spring Security framework and J2EE architecture is applied to ensure authorized access to Web resources, while the security interceptor of Spring Security is extended and a series of security filters are added to keep web attacks away. Moreover, some improvements of the XML encryption and XML decryption algorithm are made to enhance the security and speed of data transmission, by means of mixing RSA and DES algorithm. The above security mechanism has been applied to an online virtual experiment platform based on Web services named VeePalms. The experimental results show that most security problems with high severity in the system have been solved and medium-low severe problems degreased dramatically. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1007/978-3-642-37015-1_23 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
Keywords | Field | DocType |
enhanced security mechanism,security level,security problem,security challenge,security mechanism,web service,security filter,web resource,identity authentication,authorized access,security interceptor,xml encryption | Security testing,Security through obscurity,Computer security,Computer science,Computer network,Security service,Cloud computing security,Web application security,Security information and event management,Network Access Control,Computer security model | Conference |
Volume | Issue | ISSN |
7719 LNCS | null | 16113349 |
Citations | PageRank | References |
0 | 0.34 | 8 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Wenbin Jiang | 1 | 355 | 36.55 |
Hao Dong | 2 | 70 | 9.00 |
Hai Jin | 3 | 6544 | 644.63 |
Hui Xu | 4 | 212 | 29.73 |
Xiaofei Liao | 5 | 1145 | 120.57 |