New Proposed Method For Web Services Security

Abstract

TI1e Web service securi ty challenge is to understand  and  assess the risk  involved  in securing  a web-based  service  today, based on our existing security technology, and at the same time tmck emerging standards and  understand  how they will be used  to offset the risk in

new web services. Any  security model must  i llustrate  how data  can

now  through   an  application   and   network   topology  to  meet  the

requirements  defined  by the busi ness  wi thout exposing  the data  to undue  risk.  In this paper  we propose  a mechanism  for the client to provide authemication  data, based on the service definition , and  for the service  provider to retrieve those data . We also  show  how XMl.

Digital Signatures  and encryption can  be exploited to achieve a level

of  trust.