Web Services Security Assessment: An Authentication-Focused Approach

Abstract : Web services may be able to publish easily their functions to the rest of the web world. At the same time they suffer by several security pitfalls. Currently, there is limited research on how the proposed web-services security countermeasures affect performance and applicability. In this paper, we introduce the threats/attacks vs. web-services authentication, present the most widely used security method for protecting it, and identify the threats/attacks tackled by those methods. Moreover, we evaluate the web service authentication mechanism proposed in these implementations, not only on a theoretical level (by taking into consideration all the security issues of the implementing authentication sub-mechanisms), but also in a laboratory environment (by conducting extensive experiments). Finally we demonstrate the trade-offs between sophisticated web-service security methods and their performance.
Document type :
Conference papers
Complete list of metadatas

Cited literature [11 references]  Display  Hide  Download

https://hal.inria.fr/hal-01518251
Contributor : Hal Ifip <>
Submitted on : Thursday, May 4, 2017 - 1:45:44 PM
Last modification on : Thursday, May 4, 2017 - 2:53:52 PM
Long-term archiving on : Saturday, August 5, 2017 - 1:12:28 PM

File

978-3-642-30436-1_49_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Yannis Soupionis, Miltiadis Kandias. Web Services Security Assessment: An Authentication-Focused Approach. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. pp.561-566, ⟨10.1007/978-3-642-30436-1_49⟩. ⟨hal-01518251⟩

Share

Metrics

Record views

256

Files downloads

137