Abstract
Web services are an important way for enterprises to interoperate. They are also becoming important for user access to services that depend on location and they are appearing in mobile devices. We consider the security standards needed for the use of web services in wireless networks. Web services security standards are used for the secure design of the communications between a web service and a mobile client and for the storage of the web service and its data. However, because those standards are designed to be flexible, they are also complex and verbose, and most often difficult to understand and implement. In addition, wireless devices have specific technological constraints and their own standards. We show here the use of patterns as a way to adapt web services security standards to the wireless environment. We also present a new pattern for the Liberty Alliance PAOS service.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellavista, P., Corradi, A., Montanari, R., Stefanelli, C.: Context-aware middleware for resource management in the wireless Internet. IEEE Transactions on Software Engineering 29(12), 1086–1099 (December 2003)
Chu, H., You, C., Teng, C.: Challenges: Wireless Web Services. In: Procs of the 10th International Conference on Parallel and Distributed Systems (ICPADS 2004) (2004)
Delessy, N., Fernandez, E.B., Rajput, S., Larrondo-Petrie, M.M.: Patterns for application firewalls. In: Procs. of Pattern Languages of Programs (PLoP 2004), http://hillside.net/plop/2004/final_submissions.html
Delessy, N., Fernandez, E.B.: Patterns for XACML, In: Procs. of Pattern Languages of Programs (PLoP 2005) (2005), http://hillside.net/plop/2005/proceedings.html
Delessy, N., Fernandez, E.B., Larrondo-Petrie, M.M.: A pattern language for identity management. In: Procs.of the 2nd IEEE Int. Multiconference on Computing in the Global Information Technology (ICCGI 2007) March 4-9, Guadeloupe, French Caribbean (2007)
Elkarra, N.: A Web Services Strategy for Mobile Phones. XML.com, http://webservices.xml.com/pub/a/ws/2003/08/19/mobile.html
Fernandez, E.B., Larrondo-Petrie, M.M., Sorgente, T., VanHilst, M.: A methodology to develop secure systems using patterns. In: Mouratidis, H., Giorgini, P. (eds.) Ch. 5 in Integrating security and software engineering: Advances and future vision, IDEA Press, pp. 107–126 (2006)
Fernandez, E.B., Delessy, N.: Using patterns to understand and compare web services security products and standards. In: Procs of the IEEE Int. Conf. on Web Applications and Services (ICIW 2006), Guadeloupe (February 2006)
Fernandez, E.B., Delessy, N.A., Larrondo-Petrie, M.M.: Patterns for web services security. In: Skar, L., Bjerkestrand, A.A. (eds.) Best Practices and Methodologies in Service-Oriented Architectures, 29-39, part of OOPSLA, the 21st Int. Conf. on Object-Oriented Programming, Systems, Languages, and Applications, Portland, OR, ACM, New York (2006)
Fernandez, E.B., Sorgente, T., Larrondo-Petrie, M.M., Delessy, N.: Web services security: Standards, industrial practice, and research issues (submitted for publication)
Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns: Elements of Object-Oriented Software. Addison-Wesley, Boston, MA (1994)
Jansen, W., Karygiannis, T., Iorga, M., Gavrila, S., Korolev, V.: Security policy management for handheld devices. In: Procs. of the Int. Conf. on Security and Management (SAM 2003) (June 2003)
Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating security and systems engineering. Wiley, Chichester, UK (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Delessy, N.A., Fernandez, E.B. (2007). Adapting Web Services Security Standards for Mobile and Wireless Environments. In: Chang, K.CC., et al. Advances in Web and Network Technologies, and Information Management. APWeb WAIM 2007 2007. Lecture Notes in Computer Science, vol 4537. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72909-9_69
Download citation
DOI: https://doi.org/10.1007/978-3-540-72909-9_69
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72908-2
Online ISBN: 978-3-540-72909-9
eBook Packages: Computer ScienceComputer Science (R0)