Web services security
Name |
Supervisor |
Robert-Jan Boezeman | Dr. J.-H. Hoepman |
Description
Using SOAP to develop web services should make it easier to interconnect initially unrelated web services at a later date. Unfortunately, the initial specifications for SOAP left any security considerations aside. This makes bare-bones SOAP unusable in the design of a large class of web services where security is a critical factor. Therefore, several security extensions to SOAP have been proposed, e.g. SOAP-DSIG and using the XML Encryption standard.Goal
The goal of this project is twofold.- To design a secure web service using SOAP for the Oxford University Computing Laboratory to manage the printing of documents and the secure transfer of password entries, to understand the practical issues surrounding the security and applicability of SOAP to design web services.
- To study the proposed security extensions to SOAP, documenting their limitations and weaknesses, and to recommend improvements to these extensions to overcome these limitations and weaknesses.
Results
Robert-Jan Boezeman: "Web Services Security", Master Thesis, June 2003.
Location |
Period |
Supervisory committee |
Oxford University Computing Laboratories | Oct 2002 - April 2003 |
|
Last Version -
(Note: changeover from CVS to dotless svn version numbers on Jan 19, 2008, and changeover to GIT versioning on May 30, 2013.)
Maintained by Jaap-Henk Hoepman
Email: jhh@cs.ru.nl