Security for Authentication, Encryption and Signature in the Execution of Composite Web Services. (P. 106-118)
Seguridad para la Autentificación, Cifrado y Firma en la Ejecución de Servicios Web Compuestos. (P. 106-118)
DOI:
https://doi.org/10.62876/tekhn.v1i18.3280Abstract
In a distributed system,
multiple security mechanisms such as:
server identity verification
(authentication), detection of alterations of
the results (integrity) or assurance of
information privacy
(confidentiality). For the case of the
composition of web services, where several
web services are articulated to fulfill the
request of a user, an intruder can
alter the information exchanged between
servers. This can be avoided by
part, encrypting the responses, using
negotiated a session key, so that the
client does not receive, for example, information
fraudulent or defamatory advertising. For other
part, using the infrastructure of
public and private keys, it is possible to secure
the authenticity of web servers
through certificates and validate the authorship of the
message to assume the
commitments of the information transmitted
using digital signatures. Thus in this work
proposes the use of the infrastructure of
digital certification to offer security in
the exchange of information in systems
distributed that make composition of
web services, allowing: integrity,
confidentiality, mutual authentication and avoidance
the rejection of authorship for the information
transmitted (non-repudiation).
Downloads
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2017 Array
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
