Adapting Web Services Security Standards for Mobile and Wireless Environments

Delessy, Nelly A.; Fernandez, Eduardo B.

doi:10.1007/978-3-540-72909-9_69

Nelly A. Delessy¹ &
Eduardo B. Fernandez¹

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4537))

Included in the following conference series:

2424 Accesses
1 Citations

Abstract

Web services are an important way for enterprises to interoperate. They are also becoming important for user access to services that depend on location and they are appearing in mobile devices. We consider the security standards needed for the use of web services in wireless networks. Web services security standards are used for the secure design of the communications between a web service and a mobile client and for the storage of the web service and its data. However, because those standards are designed to be flexible, they are also complex and verbose, and most often difficult to understand and implement. In addition, wireless devices have specific technological constraints and their own standards. We show here the use of patterns as a way to adapt web services security standards to the wireless environment. We also present a new pattern for the Liberty Alliance PAOS service.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bellavista, P., Corradi, A., Montanari, R., Stefanelli, C.: Context-aware middleware for resource management in the wireless Internet. IEEE Transactions on Software Engineering 29(12), 1086–1099 (December 2003)
Article Google Scholar
Chu, H., You, C., Teng, C.: Challenges: Wireless Web Services. In: Procs of the 10th International Conference on Parallel and Distributed Systems (ICPADS 2004) (2004)
Google Scholar
Delessy, N., Fernandez, E.B., Rajput, S., Larrondo-Petrie, M.M.: Patterns for application firewalls. In: Procs. of Pattern Languages of Programs (PLoP 2004), http://hillside.net/plop/2004/final_submissions.html
Delessy, N., Fernandez, E.B.: Patterns for XACML, In: Procs. of Pattern Languages of Programs (PLoP 2005) (2005), http://hillside.net/plop/2005/proceedings.html
Delessy, N., Fernandez, E.B., Larrondo-Petrie, M.M.: A pattern language for identity management. In: Procs.of the 2nd IEEE Int. Multiconference on Computing in the Global Information Technology (ICCGI 2007) March 4-9, Guadeloupe, French Caribbean (2007)
Google Scholar
Elkarra, N.: A Web Services Strategy for Mobile Phones. XML.com, http://webservices.xml.com/pub/a/ws/2003/08/19/mobile.html
Fernandez, E.B., Larrondo-Petrie, M.M., Sorgente, T., VanHilst, M.: A methodology to develop secure systems using patterns. In: Mouratidis, H., Giorgini, P. (eds.) Ch. 5 in Integrating security and software engineering: Advances and future vision, IDEA Press, pp. 107–126 (2006)
Google Scholar
Fernandez, E.B., Delessy, N.: Using patterns to understand and compare web services security products and standards. In: Procs of the IEEE Int. Conf. on Web Applications and Services (ICIW 2006), Guadeloupe (February 2006)
Google Scholar
Fernandez, E.B., Delessy, N.A., Larrondo-Petrie, M.M.: Patterns for web services security. In: Skar, L., Bjerkestrand, A.A. (eds.) Best Practices and Methodologies in Service-Oriented Architectures, 29-39, part of OOPSLA, the 21st Int. Conf. on Object-Oriented Programming, Systems, Languages, and Applications, Portland, OR, ACM, New York (2006)
Google Scholar
Fernandez, E.B., Sorgente, T., Larrondo-Petrie, M.M., Delessy, N.: Web services security: Standards, industrial practice, and research issues (submitted for publication)
Google Scholar
Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns: Elements of Object-Oriented Software. Addison-Wesley, Boston, MA (1994)
Google Scholar
Jansen, W., Karygiannis, T., Iorga, M., Gavrila, S., Korolev, V.: Security policy management for handheld devices. In: Procs. of the Int. Conf. on Security and Management (SAM 2003) (June 2003)
Google Scholar
http://www.13ia.com/13ia/0,8764,56843,00.html
Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating security and systems engineering. Wiley, Chichester, UK (2006)
Google Scholar

Download references

Author information

Authors and Affiliations

Dept. of Computer Science and Eng., Florida Atlantic University, Boca Raton, FL 33431, USA
Nelly A. Delessy & Eduardo B. Fernandez

Authors

Nelly A. Delessy
View author publications
You can also search for this author in PubMed Google Scholar
Eduardo B. Fernandez
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Kevin Chen-Chuan Chang Wei Wang Lei Chen Clarence A. Ellis Ching-Hsien Hsu Ah Chung Tsoi Haixun Wang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Delessy, N.A., Fernandez, E.B. (2007). Adapting Web Services Security Standards for Mobile and Wireless Environments. In: Chang, K.CC., et al. Advances in Web and Network Technologies, and Information Management. APWeb WAIM 2007 2007. Lecture Notes in Computer Science, vol 4537. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72909-9_69

Download citation

DOI: https://doi.org/10.1007/978-3-540-72909-9_69
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72908-2
Online ISBN: 978-3-540-72909-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics