Databases Reference
In-Depth Information
semantic web technologies are discussed in section 3. Integrating secure web
services and secure semantic web technologies are discussed in section 4. The
chapter is summarized in section 5. For more details on securing the semantic
web we refer to [3].
2 Web Services Security
2.1 Overview
In this section we will provide an overview of web services security. As stated
in section 1, web services refer to the technologies that allow for making
connections. Web services are being adopted now for numerous applications
on the web. It is through these web services that we can now conduct business
on the web as well as execute transactions. For many of these applications, it
is important that the services be secure.
The organization of this section is as follows. In section 2.2 we provide an
overview of web services. The developments in secure web services is discussed
in section 2.3. Some security assertion languages are discussed in section 2.4.
Shibboleth, which is a distributed web resource access control system that
allows federations to cooperate together to share web based resources is dis-
cussed in section 2.5 [4].
2.2 Web Services
A service-oriented architecture (SOA) is essentially a collection of services [5].
These services communicate with each other. The communication can involve
either simple data passing or it could involve two or more services coordi-
nating some activity such as planning travel. Some means of connecting ser-
vices to each other is needed. Service-oriented architectures are not new. The
first service-oriented architecture can be considered to be DCOM (distributed
component object model) and Object Request Brokers (ORBs) based on the
CORBA (common object request broker architecture) specification [6]. If a
service-oriented architecture is to be effective, we need a clear understanding
of the term service. A service is a function that is well-defined, self-contained,
and does not depend on the context or state of other services.
The technology of web services is the most likely connection technology of
service-oriented architectures. Web services essentially use XML technology
to create a robust connection. A service consumer sends a service request
message to a service provider. The service provider returns a response message
to the service consumer. The request and subsequent response connections are
defined in some way that is understandable to both the service consumer and
service provider. A service provider can also be a service consumer. The Web
Services Description Language (WSDL) forms the basis for Web Services.
WSDL uses XML to define messages. The steps involved in providing and
consuming a service are the following.
