
Architecture for Integrated and
Intelligent Security for Mobile Web
Services
Web services have become a promising technology in the
IT industry that emphasizes the realization of Service-Oriented
Architecture (SOA) and the simplification of
interoperability.
Web services technology has changed the software industry
dramatically by developing and integrating enterprise web
services and applications for easy access.
Web services have been promoted for reducing costs,
increasing reuse, simplifying integration and creating more
agile infrastructures.
The recent trends in the web services promise a cosmic
revolution in the near future where applications can be
created by combining multiple services in a single workflow.
The services can be added, removed or replaced from a
workflow either statically in the development phase or
dynamically at run-time.
Web services can be used for enterprise applications, but
the services can also be extended to the rural population for
their day-to-day applications in real life, such as services
marketing, e-shopping and e-portals for their basic needs.
Presently, sharing and processing of enterprise
information has become more cumbersome. The users have to
switch between applications, re-enter data multiple times,
and spend more time searching for key data. This leads to
less productivity, higher costs, mistakes, and reduced
overall customer satisfaction.
To overcome these issues, the application developers have
to provide convention patches and tools. But this could be
very costly since the legacy applications were written by
different companies.
With Web Services, each application must adhere to a set of
standardized protocols for sharing and accessing
enterprise data.
Therefore, web services technology has emerged as a
standard mechanism for Enterprise Application Integration
by enabling the sharing of resources such as databases,
programs and enterprise services among loosely-coupled,
heterogeneous systems.
Due to advances in mobile technology and the proliferation of
mobile device use, Mobile Web Services have become an
upcoming research area that involves mobile devices,
applications, middleware, and mobile networks.
Compared with web applications, mobile services and
applications let anyone obtain the entire information
and services at any time, at any place and on any device.
There has recently been a notable increase in consumer use
of mobile applications. The rapid growth of mobile networks and
services, fueled by research on next generation mobile
communications systems, has ushered in the era of ubiquitous
computing.
Lightweight portable computers, IP-based office and home
appliances, and the popularity of the Internet are strong forces
pushing service providers to support seamless user mobility.
Realizing commercially viable secure IP mobility support
over the current cellular infrastructure remains a research
challenge.
According to a Comscore study, mobile advertising is exploding
and is going to hit $3 billion by 2012 [1]. The amount spent
on mobile advertising has gradually increased recently, which
indicates where the industry is headed. Juniper Research
predicts that approximately three billion mobile coupons will be
issued to phones in the next two years. Bar-coded mobile
coupons, another new trend, are now becoming a significant
practice amongst bigger businesses [2]. Big retailers such as
Wal-Mart, Best Buy, Sears, and J.C. Penney have specifically built
mobile web sites and iPhone applications in the last year [3].
These applications have allowed consumers to order products
and read reviews, and provide other services to their clients.
Further, there are now over 70,000 mobile Android applications
and services in the market, but they still lag behind iPhone
applications [4]. Therefore mobile web services have become a
significant technology for the IT industry.
However, while hosting web services on mobile devices, there
are a number of challenges limiting the successful deployment of
mobile web services, such as restricted use of resources,
disconnection during service execution, low bandwidth and
security. The major problem for successful mobile web services is
the lack of adequate security. Encryption techniques such as
secret-key and public key infrastructure are the most common
methods to ensure transaction privacy, confidentiality and
integrity. However, these techniques depend upon the
security of the endpoint systems in terms of protecting the keys
from modification or misuse [5].
While providing several benefits, web service security
technology is facing serious threats like prefix hijacking and
interception [6]. A fraudulent intruder can hijack a prefix in order
to attack performance and launch a denial-of-service
attack [7]. After hijacking the prefix, the malicious intruder can
attack security and launch a Man-in-the-Middle (MITM)
attack [8], which can occur between any two communicating
parties. Yang et al. [9] have provided details about the MITM
attack on user authentication from the remote autonomous
object. According to Xu et al. [10], there are three factors
pertaining to information security: confidentiality,
integrity and availability.
There is also an exceptional demand for preserving the
confidentiality and integrity of service messages that
traverse on mobile networks. The existing mobile web
service security mechanisms that thwart unauthorized
access to the database and illicit service flow among the
resources turn out to be inadequate to ensure security over
the cellular networks. This situation is mainly due to the
emergence of distributed services architectures, the high
degree of exposure of communication channels and the
increasing necessity for sharing the variety of resources
available in the network. Therefore the aim of this paper is
to propose the architecture for integrated and intelligent
security for web services via mobile devices anywhere and
at any time.
Sheng et al. (2002) have proposed the architecture for
mobile web service that integrated mobile agents with
mobile services to achieve convenient and efficient
use of web services.
In the proposed architecture, the mobile agents are
implemented for searching the web services from
UDDI and locating the mobile users.
The architecture also considers web services
served through push and pull mechanisms.
Although the suggested architecture primarily
considers service agents mechanism, it does not
provide any security for service agents’ interaction.
Masashi et al. (2003) have proposed a scalable
security description framework with open APIs based
on WS-Security.
The framework provides an AAA security system
in which time constraints, purchase price and network
connection issues are considered.
In order to support scalability for mobile web services, the
architecture has adopted XML-based interface description,
token description, procedure description and service context
description.
Although the framework has mainly focused on user
authentication, authorization and accounting, it does not
address remaining security mechanisms such as
confidentiality, integrity and non-repudiation.
Haiping et al. (2008) have designed an XML firewall
security model for web services systems.
The aim of this model is to enhance conventional
firewalls, which accomplish packet filtering at the
transport and session layer rather than verifying user
permissions and examining the contents of each packet
at the application layer.
Since the formal firewall does not examine the content
of a packet, it is not able to identify threats such as SQL
injection, denial of service (DoS), schema poisoning
and so on.
Nevertheless, this formal model supports the user
authentication as well as role-based user authorization
according to policy rules that can be updated dynamically.
The user interacts with the application through the user
interface. The application logic then processes the
requests from the user and initiates service calls that
may in turn invoke either a single web service or a
cluster of web services.
The request from the application is verified by the XML
firewall for authenticity and authorization based on the state
information available in the state DB database. When
the request is affirmed to be valid, it then passes the
request to the corresponding web service; otherwise, the
request is rejected.
The administrator of an XML firewall has the privilege of
changing the policies available in the policy database
through the administration module. Although this model
supports authentication and authorization, it has
limitations in providing support for security issues like
non-repudiation.
Maher et al. (2010) have proposed an architectural model
to offer secure and flexible web services using PKI and
agent technology. This model contains two components.
The first component concerns PKI utilization by the
clients and providers along with their certificates.
The second component involves the UDDI, which acts
as a trust centre between clients and the servers to
enhance the web services security. Prior registration and
publication of the public key are mandatory for each
involved party.
Each involved party must publish its own public key
over the UDDI, during the subscription process, to have
secure communication. Once subscribed, any given party
can authenticate and access web services using the
public key of the other party to communicate in a
secure manner.
In order to reduce communication, each client and
provider records all useful data of its authenticated
providers and clients in a special list, which is used when
one of them requests a web service another time.
Once the client and the provider get acquainted with each
other, both the parties will communicate further without the
involvement of the trust centre for negotiation till the
agreement.
The primary objective of this architecture is to enhance
security using mobile agents. However, secure
communication between agents is another concern, and
there is no technical information about it, which is a
shortcoming of this model.
Ahmed et al. (2010) have presented a service oriented
integration and security adaptation framework. This
framework can be used to adapt the security policies of
organizational workflow and its web services.
The adaptation of the organizational workflows and the
web services security is verified through security and
adaptation engine rules. The framework consists of four
main modules: input, abstract level, concrete level,
and security and adaptation engines.
The input module consists of various inputs such as the WSDL
file, BPEL file and BPEL security rules for each stage of
the framework.
The abstract level module consists of three basic blocks such
as Web service checking, Verification and Validation
(V&V), BPEL adaptation and Web service removal.
WS-Checking checks the inputs against web service
standards and web service security rules.
V&V verifies the BPEL security rules against BPEL security
tags and validates the possibility of security adaptation and
integration into the workflow of web services. BPEL-Adaptation
adapts to the provided web service(s) in
terms of BPEL security by invoking or replacing the existing
web services.
Finally, WS-Removal checks the requirements with existing
web service(s) and removes a specific web service from
the work flow, if necessary. Concrete level module contains
WS-Checking and BPEL adaptation blocks.
Security and adaptation engines support each abstract
level function such as set of rules and standards.
However, it requires further work on security tag
specification of the business process workflow,
formalization of security adaptation and integration
processes and the orchestration of inter-organizational
services.
Rabeb et al. (2011) have evaluated the performance of
mobile web services for their newly developed architecture.
The architecture provides a mechanism for resuming
and managing network connections when they are
disconnected.
The authors also identified and evaluated some of the
QoS attributes of web services such as response time, availability,
throughput and scalability.
The developed architecture was applied to both SOAP and
RESTful web services, and the results show that the latter
are more convenient for mobile web services
and do not degrade the performance levels with respect to
QoS.
The architecture considers general issues for mobile web
services; however, it fails to consider the major
challenges and limitations in mobile networks and
security.
The architecture defines the structure of components,
their interrelationships, the principles and guidelines
governing their design and evolution over time.
Protocols like HTTPS are used as the standard
communication protocol between the clients, agents and
the information service providers.
The proposed architectural model provides the necessary
technical infrastructure such as acquiring client
information, connectivity, and security services like
authentication, authorization, confidentiality, integrity,
non-repudiation, accounting and auditing.
The proposed architecture comprises the following
entities:
Service Requesters (SR),
Request/Response handler,
WS Security Manager (WS-SM),
AAA server,
Web Service Manager (WSM),
DBS Security Manager (DBS-SM),
Service Agent Manager (SAM),
SA Security Manager (SA-SM),
Information Server,
Content Filter Server (CFS) and simulated ISPs.
Figure 1: Proposed Integrated and Intelligent Security Architecture for Mobile
Web Services
The proposed architecture incorporates web services
technologies, namely UDDI, SOAP, and WSDL, in a mobile
agent platform.
The architecture integrates the security mechanisms at
various levels such as user authentication, service
messages, database access, mobile agent’s interactions
between information service providers with UDDI via
SOAP and content filtering.
Therefore the client could obtain the result of services
via the user interface supported by the architecture.
Consequently, the proposed architecture supports the
independence of mobile agent and the convenience of
mobile web services.
The mobile agents are deployed at the Service Agent
Manager and the Server is established by using UDDI4J
of WSTK (web services toolkit) produced by IBM and
UDDI SDK produced by Microsoft. Simple Object Access
Protocol (SOAP) is recognized as a standardized
architecture for Service-Oriented Architecture (SOA).
However, SOA can also be implemented using other
technologies such as REST.
SOAP is a messaging protocol using XML that consists
of an envelope, encoding rules, remote procedure calls
and binding agreements. The envelope defines the
architecture for describing the body of the message and
the header representing how to process it.
The functionalities of the proposed architecture are as
follows:
Service Requester (SR)
An SR is either a mobile or a web user who can search and
obtain the services from the service registries of ISA. They
are categorized into Registered Service Requester (RSR)
and Guest Service Requester (GSR).
The RSRs are the active service requesters who may be
staff and administrators of the ISA’s corporate or outsiders.
Unlike GSRs, the Registered Service Requesters need to
be registered with the ISA by providing their details. During
the service requisition, the RSRs are authenticated and
authorized by the AAA server of the ISA.
Request/Response Handler (RRH)
The RRH handles the various requests and responses raised
by the service requester.
The ISA provides service interfaces for the requesters to
obtain the service requests. The requester interfaces for
web services can be formulated using any format like XML.
However, those interfaces are converted to SOAP message
to invoke the web services from the different service
providers.
After the service is executed, the results will be returned to
the service requester as a SOAP message. The requester
interfaces are secured using Public Key Infrastructure
mechanism.
WS Security Manager (WSSM)
The WS-SM offers a comprehensive and easy-to-use
solution for policy management and security service
infrastructure.
It acts as a packet filtering server that only restricts IP
addresses or TCP ports recorded in an IP table and fails
to detect a packet with XML data tampered with an SQL
injection attack.
Presently, most of the web services are SOAP-based or
simply XML-based, which are bound to HTTP protocol
and they are typically not blocked by the conventional
firewalls.
The major threats to the web services are XML-based
attacks, which rely on XML messages and on application
layer protocols such as HTTP for message negotiation and
transmission.
The typical XML-based attacks include XPath injection
attack, XML-based denial of service (XDoS) attack,
overloaded payload attack, recursive payload attack,
parameter tampering attack, XML injection attack, SQL
injection attack, and schema poisoning attack.
WSSM supports additional security services like
confidentiality, message integrity and non-repudiation
using PKI.
In WSSM, the access to web services is granted only to
those who are authenticated and authorized to have
access to the services.
The WSSM also provides Role-Based Access Control
(RBAC), which is a widely accepted model proposed by
NIST.
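The payload-shape attacks listed above (overloaded payload, recursive payload, XDoS) are only visible at the application layer, so a WS-SM style gate has to look inside the XML before a service parses it. The following is an added example, not code from the paper: it uses Python's standard expat parser, and the limits, function names and sample messages are constructed for illustration. It does not address the injection attacks in the list, which need input validation inside each service.

```python
import xml.parsers.expat

SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 namespace

# Constructed limits for this example; size them to the real service contracts.
MAX_BYTES = 64 * 1024
MAX_DEPTH = 16
MAX_ELEMENTS = 2000
MAX_ATTRS = 16


class Rejected(Exception):
    """Carries the reason a message is refused before it reaches a service."""


def screen_soap(message: bytes) -> str:
    """Return "accept" or "reject: <reason>" for one inbound SOAP message."""
    if len(message) > MAX_BYTES:                      # overloaded payload
        return "reject: oversized payload"

    state = {"depth": 0, "elements": 0, "root": None}

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # SOAP messages must not carry a DTD; refusing it also keeps
        # entity expansion and external entities out of the pipeline.
        raise Rejected("DTD not allowed")

    def on_start(name, attrs):
        if state["root"] is None:
            state["root"] = name
            if name != f"{SOAP_ENV} Envelope":
                raise Rejected("root is not a SOAP Envelope")
        state["depth"] += 1
        state["elements"] += 1
        if state["depth"] > MAX_DEPTH:                # recursive payload
            raise Rejected("nesting too deep")
        if state["elements"] > MAX_ELEMENTS:          # XDoS by element flood
            raise Rejected("too many elements")
        if len(attrs) > MAX_ATTRS:
            raise Rejected("too many attributes")

    def on_end(name):
        state["depth"] -= 1

    # With a namespace separator, names arrive as "<namespace-uri> <local>".
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    try:
        parser.Parse(message, True)   # streaming parse, stops at first violation
    except Rejected as exc:
        return f"reject: {exc}"
    except xml.parsers.expat.ExpatError:
        return "reject: not well-formed"
    return "accept"


def _envelope(body: str) -> bytes:
    """Wrap constructed body XML in a SOAP 1.1 envelope."""
    return (f'<soap:Envelope xmlns:soap="{SOAP_ENV}"><soap:Body>'
            f"{body}</soap:Body></soap:Envelope>").encode()


# Constructed sample messages, one per rule.
SAMPLES = {
    "normal": _envelope("<getWeather><city>Chennai</city></getWeather>"),
    "deep": _envelope("<a>" * 50 + "</a>" * 50),
    "flood": _envelope("<i/>" * 3000),
    "dtd": b"<!DOCTYPE Envelope>" + _envelope("<getWeather/>"),
    "oversized": _envelope("<pad>" + "x" * MAX_BYTES + "</pad>"),
    "not_soap": b"<order><item>1</item></order>",
}

if __name__ == "__main__":
    for label, msg in SAMPLES.items():
        print(f"{label:10s} {screen_soap(msg)}")
```

Because the parser is event-driven, a hostile message is refused at the first violated limit without building a document tree in memory.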
AAA Server
The AAA is responsible for authenticating the Service
Requester by validating the credentials of the RSRs with
the help of WSSM.
It provides lightweight security procedures to authenticate
each service requester. The AAA server also maintains
the records for login access.
After an SR is successfully authenticated, the AAA’s
authorization process is used to restrict what action an SR
can perform or what service the SR can access.
The AAA’s accounting process keeps the information about
authentication and authorization events for each service
requester.
Web Service Manager (WSM)
The WSM is responsible for obtaining the service requester’s
requests and providing web services responses through RRH,
creating a log for each service request, configuring the web
services, maintaining Web Service Registry (WSR),
establishing communication with the remaining entities of the
ISA and with information service providers via Service Agent
Manager (SAM), and providing security services.
A growing number of frequently accessed web
services utilize mirror servers to enhance the reliability
and performance of the web services.
Mirror servers simply replicate the entire or significant
content of CWSS. When the user requests a web service,
the service request is redirected to one of the mirrors
that are co-located with the service requester.
Since each mirror has a portion of the total services, service
requesters can be served faster and their download times can
be reduced.
Once the service request is received by the WSM, it
configures the web services using the service registry.
If the requester makes a request for a new service, which is
not available in the service registry, the WSM sends a request
for the new service to the ISP through the Service Agent Manager
(SAM).
When a request arrives at the WSM, the WSM can find the
services via UDDI and communicates with the DBS-SM
through WS-SM.
DBS Security Manager (DBS-SM)
The DBS Security Manager provides security policies for
accessing both web and data services. Data services are
also essential web services that provide unique access to
data stored in heterogeneous systems.
The DBSSM provides a secure interface to facilitate the
easy access of service information stored in the database.
The reliable and secure access of web and data service
information can be accomplished using WS-Security and
WS-Reliable Messaging with the help of DBSSM.
Service Agent Manager (SAM)
The SAM adopts an agent platform to fetch the new or updated
service requests from different information service providers.
In the proposed system, the SAM is an agent server between
WSM and Information Service Providers (ISPs). For each
service request to the respective ISP, the SAM creates an agent,
by which it collects new service or updated service
information.
The secure communication between SAM and ISPs is taken
care of by the Service Agent Security Manager (SASM). According
to the Web Service Manager’s request, the SAM is also
responsible for updating the web and data services periodically
as per the policy enforced by the WSM with ISPs.
Service Agent Security Manager (SASM)
The SASM establishes and authenticates the
communication with ISPs from the public network to obtain the
web services.
The Information Service Provider may provide the service
information and data services defined by WSDL to the
SASM. The information about both web and data services
is then stored at the Information Server (IS) of ISA.
XML encryption and XML signature are adopted to provide
secure communication. XML signature supports the use of
message digest, keyed hash message and digital signature
which are used to authenticate and ensure the integrity of
the XML messages. XML encryption is used to encrypt the
service responses.
Information Server (IS)
The new and updated services are stored at Information
Server of ISA where it keeps unformatted and unfiltered
services information. The Information Server (IS) then
forwards the services information to Content Filter Server
(CFS) for filtering process.
Content Filter Server (CFS)
The CFS plays a major role in the proposed architecture.
The CFS applies different mechanisms to clean unwanted
and unrelated service information sent by the IS.
Filtering web content is a most difficult task, which is
supported by the intelligent mobile agent architecture.
In this architecture, the intelligent agent interface for
service requests is designed in a natural language and then
passed to the Domain Processor (DP).
The DP analyzes the request interface to capture its
purposes, problems and constraints.
The DP engine selects a suitable method for filtering from
available semantic web rules and produces final results.
Once the service information is filtered, it is sent to
the database through DBS Security Manager (DBS-SM).
In the proposed architecture, the requester sends the
service request to the service provider who has
implemented the ISA. Initially, the Request/Response
Handler receives the service requests from the clients and
forwards them to the WS Security Manager (WSSM) for
validation.
The WSSM verifies the service request and forwards it to
the AAA server for authentication and authorization. Once
the user is authenticated and granted access to the
services, the AAA server sends the request to the Web
Service Manager (WSM).
The WSM checks the service request against a service
registry such as UDDI and configures the web service
requests. While processing the service request, the WSM
adds a request authentication code to the service request
and sends it to the DBS Security Manager.
The DBSSM validates the authentication code and
privileges, and it returns the responses to the WSM.
Finally, the service responses are forwarded to
the service requester in a secured way through
WSSM.
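The paper does not say how the request authentication code is built, so the following added example (not the authors' code) shows one way the WSM to DBS-SM step could work. It assumes an HMAC-SHA256 keyed hash, the same primitive the SASM section lists under XML signature, computed over a canonical JSON form of the request with a key shared by the two components. The field names, role table and freshness window are hypothetical.

```python
import hashlib
import hmac
import json

# Hypothetical RBAC table: role -> permitted (service, action) pairs.
ROLE_PRIVILEGES = {
    "registered": {("weather", "read"), ("shopping", "read"), ("shopping", "order")},
    "guest": {("weather", "read")},
}
REQUIRED_FIELDS = {"request_id", "role", "service", "action", "issued_at"}
MAX_AGE_SECONDS = 30  # constructed freshness window


def _canonical(body: dict) -> bytes:
    """Serialize deterministically so both sides MAC the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def wsm_attach_code(key: bytes, request: dict, now: float) -> dict:
    """WSM side: timestamp the request and attach its authentication code."""
    body = dict(request, issued_at=int(now))
    code = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"request": body, "auth_code": code}


def dbssm_validate(key: bytes, envelope: dict, now: float, seen_ids: set) -> str:
    """DBS-SM side: verify the code first, then freshness, replay, privileges."""
    body = envelope.get("request", {})
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    supplied = str(envelope.get("auth_code", ""))
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return "reject: bad authentication code"
    # Only fields covered by a verified code are trusted from here on.
    if REQUIRED_FIELDS - body.keys():
        return "reject: malformed request"
    if abs(now - body["issued_at"]) > MAX_AGE_SECONDS:
        return "reject: stale request"
    if body["request_id"] in seen_ids:
        return "reject: replayed request"
    allowed = ROLE_PRIVILEGES.get(body["role"], set())
    if (body["service"], body["action"]) not in allowed:
        return "reject: insufficient privileges"
    seen_ids.add(body["request_id"])
    return "accept"


if __name__ == "__main__":
    key = b"\x01" * 32  # constructed key; a real key comes from a key store
    seen = set()
    order = {"request_id": "r-1", "role": "registered",
             "service": "shopping", "action": "order"}
    env = wsm_attach_code(key, order, now=1000.0)
    print(dbssm_validate(key, env, 1001.0, seen))   # first delivery
    print(dbssm_validate(key, env, 1002.0, seen))   # same message again
    forged = {"request": dict(env["request"], service="weather"),
              "auth_code": env["auth_code"]}
    print(dbssm_validate(key, forged, 1001.0, seen))
```

The role is inside the authenticated body, so a requester cannot raise its own privileges without invalidating the code.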
In case the service requests are not available at the service
registry, the WSM sends a request for new service to the
Service Agent Manager. The SAM creates an agent for each
service request and sends it to the Service Agent Security
Manager (SASM).
The SAM also updates the services and service
information periodically as per the policy imposed by the
WSM. The SASM adds security mechanisms to each
service agent and establishes communication with the
respective information service providers to send the new
service request in a secured way.
The proposed architecture adopts WS-Security together
with Internet security infrastructure such as HTTPS. When
the ISPs respond, the new services and service
information are stored at the Information Server via SASM and
are forwarded to the Content Filter Server for
information extraction.
The filtered information is then stored in the database
through the DB Security Manager. Meanwhile, when the new
or updated services are received by the SASM, it sends a
report about them to the Web Service Manager and the
WSM sends the request to the DB Security Manager in the
proper way. Finally, the WSM obtains the service
responses from DBS-SM and forwards the same to the
service requester through secured infrastructure.
The main objectives of the experimental studies are to
investigate the performance of the proposed architecture
in terms of response time and system throughput.
The ultimate aim is to have a measure of the throughput
of the system with a large number of service requesters.
These measures are helpful during the deployment of the
system as a commercial product.
The performance tests are automated. A proper and
adjustable load of service transactions is monitored.
In the proposed system, the server load would be
distributed across various servers namely mobile device
for service requester, AAA Server, Request/Response
Server, Web Service Server, WS Security Server, DBS
Security Server, DB Server, Agent Server, Agent Security
Server, Information Server, Content Filter Server and
simulated ISPs.
The client’s service request interface is tested on
Samsung Galaxy y s5360. The service requester invokes
the different mobile web services over the 3G network.
The performance of the client device and the network
latency were observed while processing the service
requests. The experimental setup consists of the
following: Samsung Galaxy y s5360, Android OS version
2.3.3, CPU 830 MHz, 290 MB RAM, Apache Tomcat
5.2.0 Web Server on which Web Services are deployed,
and Netbeans 7.1 for SOAP web service implementation and
testing, used to evaluate the system response time and
throughput for the proposed architecture.
Test Environment: Tests are conducted with 100
successive service requesters generating the service
requests to the proposed system simultaneously. The
maximum number of concurrent requests of 110 was
chosen to represent a test-case scenario. The response
time of the system is measured and reported separately
for each request. Test results are analyzed to determine
the goodness of the system response time. During the
performance tests, the operating system performance
monitor was observed. The general observation was that
the load on the server system was low with fewer
service requesters and high with more
requesters. However, with one concurrent requester, the
load stayed steady at about 0.01 % and with 90
service requesters a constant load was generated
significantly.
Response Time: The following figure illustrates the
variation of system response time while increasing the
number of SOAP service requests for various mobile
services such as weather, health, education, shopping
and agriculture services. Figure 2 represents the
performance results in terms of mean response times.
On the significant scale of 1 to 100 service requests, the
proposed system seems to exhibit a linearly growing
mean response time. The slope of the curve starts to
steepen between 100 and 110 simultaneous service
requests. This is quite natural, since every system reaches
a level of load where the performance observed by a
single request starts to degrade dramatically.
Figure 2 : The Performance Results For Mean Response time
From the above figure, it is observed that the SOAP shopping
web services consume more response time than the weather
services.
Moreover, the shopping web services stop accepting requests
at around 100 simultaneous service requests; however,
high-end servers may handle more than these generated
SOAP requests.
The design criteria of an average response time of 4 to 9
seconds can easily be achieved. This is the response time that
a service requester can expect to experience at the best.
However, the network latency will further increase the
response time but this has to be an acceptable one. The
minimum individual response time could be achieved within
the specified hardware and networking architecture and it was
about 4.20 seconds.
Figure 3: The performance test results - Throughput
System Throughput: Figure 3 depicts the throughput
of the proposed system. The system throughput exhibits a
very scalable behavior, i.e. the throughput increases
gradually up to 10 web service requests and keeps rapidly
increasing till 100.
At 100 simultaneous requests, the system has reached
the saturation point due to various factors and the
throughput declines. However, the proposed system
provides responses to the service requests with
reasonable response time and the system load is linear.
From the results, it is observed that the maximum throughput
of the system achieved in the tests is 16.07 service requests
per second at the mean response time of 7.72 seconds.
It is found that the throughput was naturally achieved when
there are constantly 100 simultaneous service requests
made. This level of throughput can be considered
adequate in terms of the criteria specified for the system.
Thus the proposed model supports security at a high level and
supports response time as well as throughput significantly.
Web services technology is the new dimension of Web
Engineering that facilitates the building of more complex web
applications by composing elementary web services.
Since security plays a crucial role in the web services scenario, the
design and development of security architecture for complex web
applications has become a more challenging and promising research
area. Furthermore, there is a considerable amount of research
work carried out to protect the mobile web services.
However, there is no concrete proposal available so far to build
integrated and intelligent security for cross-domain web services.
This paper proposes a novel architecture for securing the
mobile web services at the various levels and provides
intelligent security mechanisms using mobile agents.
Five mobile services, namely shopping, health,
education, agriculture and weather, are implemented and the
proposed architecture is tested with these services. The
results are also summarized in this paper.
As a future work, we are planning to extend our experiments
to cover other platforms and mobile devices and compare
their performances.
[1] The web site. [Online]. Available:
http://mobilewebservices.co/why-having-a-mobile-website-is-soimportant/
[2] The web site. [Online]. Available:
http://rhinomobile.us/why-having-a-mobile-website-is-soimportant/
[3] The web site. [Online]. Available:
http://themobilewebsite.co/why-having-a-mobile-website-is-soimportant/
[4] The web site. [Online]. Available:
http://androidrich.com/why-windows-phones-lag-behind-iphoneandroid-phones/
[5] Hitesh Ballani, Paul Francis and Xinyang Zhang, A
Study of Prefix Hijacking and Interception in the
Internet, SIGCOMM '07, ACM, Kyoto, Japan, August 2007.
[6] Nikita Borisov, George Danezis, Prateek Mittal and
Parisa Tabriz, Denial of Service or Denial of Security? How
Attacks on Reliability can Compromise Anonymity, CCS’07,
ACM, Virginia, USA, 2007.
[7] Song Han, Wanquan Liu, Elizabeth Chang, Deniable
Authentication Protocol Resisting Man-in-the-Middle Attack,
World Academy of Science, Engineering and Technology 3,
2005.
[8] Cheng-Ying Yang, Cheng-Chi Lee and Shu-Yin Hsiao,
Man-in-the-Middle Attack on the Authentication of the User
from the Remote Autonomous Object, International Journal of
Network Security, Volume 1, Number 2, pp. 81–83, Sep.
2005.
[9] Li-xin Xu, Dong Sun and Dan Liu, Study on Methods
for Data Confidentiality and Data Integrity in
Relational Database, Proceedings of the 3rd IEEE
International Conference on Computer Science and
Information Technology (ICCSIT ’10), Volume 1, pp. 292-295,
IEEE Press, 2010.
[10] Marchany, R.C. and Tront, J.G., E-Commerce
Security Issues, In: Proceedings of the 35th Hawaii
International Conference on System Sciences (HICSS),
Volume 7, pp. 193-201, IEEE Computer Society, Big
Island, Hawaii, 2002.
[11] Sheng-Tzong Cheng, Jian-Pei Liu, Jian-Lun Kao
and Chia-Mei Chen, A New Framework for Mobile Web
Services, in Proc. 2002 Symposium on Applications and
the Internet (SAINT’-2w), 2002.
[12] Masashi Morioka, Yoshifumi Yonemoto, Takashi
Suzuki, and Minoru Etoh, Scalable Security Description
Framework for Mobile Web Services, 2003.
[13] Haiping Xu, Mihir Ayachit and
Abhinay Reddyreddy, Formal modeling and analysis of XML
firewall for service-oriented systems, in International Journal
of Security and Networks, Vol. 3, No. 3, pp. 147–160, 2008.
[14] Maher Khemakhem, Wiem Rekik and Jacques
Fayolle, A flexible and secure web service architectural
model based on PKI and agent technology, International
Journal for Infonomics, Volume 3, Issue 2, 2010.
[15] Ahmed Ghoneim, Samir Elmougy, Ahmed A.
Hussein and Reiner R. Dumke, A Service Oriented
Integration and Adaptation Framework for Organizational
Services Orchestration, International Conference on
Semantic Web and Web Services, pp. 105-111, 2010.
[16] Rabeb Mizouni, M. Adel Serhani and Rachida
Dssouli, Performance Evaluation of Mobile Web Services,
in ECOWS, 2011.