Message Level Security Enhancement For Service Oriented Architecture

摘要

Service-oriented architecture (SOA) is a technique to develop application by assembling different services. It is an approach to make applications more responsive to meet the requirement of changing business environment. As per SOA, services are repeatable business task which combines in a series to meet the consumer demand. This series of the services are called as business application. Securing all these services of an application is difficult task. Security requirements should be managed when an application is used locally or in conventional closed systems so that security can be applied to corresponding message. Service oriented architectural project uses different services to build an application. These services are independent of the implementation which causes different security configuration for the services within an application. In this case, Message level security can be used for end to end security implementation. Many techniques have been already provided by different researchers to increase security using message level security implementation. To implement end to end security for an application, the author(s) explored the possibilities of Message level security using authorization and authentication of users from the message when it crosses through different services. The Proposed model tries to secure all services within an application. The author(s) suggest security handling and data protection at different levels in service oriented architecture. The proposed model also maintains the service level agreement for the services within an application. This paper focus on the enhancement of existing message level security so that security, reliability, service performance can be increased.