Conference Papers
Permanent URI for this collectionhttps://idr.nitk.ac.in/handle/123456789/28506
Browse
Search Results
Item Decoupling security concerns in web services using aspects(2006) Mostéfaoui, G.K.; Narendra, N.C.; Maamar, Z.; Sattanathan, S.This paper discusses the Aspect-oriented Framework for Web services (AoF4WS) that supports on-demand context-sensitive security in Web services. Flexible security schemes are needed in many Web services applications where authentication, authorization, etc., can no longer be used in their current form. Security mechanisms are to be customized to the continuously changing requirements of Web services. Examples of this customization concern cryptographic protocol for a specific situation and timeout for user credentials. The AoF4WS uses aspect-oriented programming and frames. Aspects provide flexibility to the framework, and frames adjust aspects to specific requirements. © 2006 IEEE.Item Context-driven policy enforcement and reconciliation for Web services(2006) Sattanathan, S.; Narendra, N.C.; Maamar, Z.; Mostéfaoui, G.K.Security of Web services is a major factor to their successful integration into critical IT applications. An extensive research in this direction concentrates on low level aspects of security such as message secrecy, data integrity, and authentication. Thus, proposed solutions are mainly built upon the assumption that security mechanisms are static and predefined. However, the dynamic nature of the Internet and the continuously changing environments where Web services operate require innovative and adaptive security solutions. This paper presents our solution for securing Web services based on adaptive policies, where adaptability is satisfied using the contextual information of the Web services. The proposed solution includes a negotiation and reconciliation protocol for security policies.