Nowadays Internet becomes the most used tool for the ever increasing amount of various transactions between institutions, organizations and more generally between clients and providers. Conducted studies and experiments showed that it is more convenient to provide and achieve these transactions as web services (WS) to guarantee their flexibility and their reuse. So far these services and the corresponding providers' URLs are advertised on specific UDDIs (Universal Description, Discovery and Integration). As such, after finding the requested service any given client contacts the right provider to negotiate the service access procedure. These first contacts between clients and providers are usually and commonly not protected (Encrypted) yielding enough room for Hackers to intrude into these unprotected messages. In this paper, we propose a securing approach based on both the PKI infrastructure and some proposed improvements of the UDDI functioning in an attempt to provide adequate security for web services.
展开▼
