Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection
This paper studies the scenario where data in business documents is aggregated by different entities via the use of web services in streamlined business processes. The documents are transported within the Simple Object Access Protocol (SOAP) messages and travel through multiple intermediary entities...
Saved in:
Main Authors: | , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2009
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/463 https://ink.library.smu.edu.sg/context/sis_research/article/1462/viewcontent/01._ICWS2009_Applying_Sanitizable_Signature_to_Web_Service_Enabled_Business_Processes__Going_Beyond_Integrity_Protection.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-1462 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-14622018-01-12T03:10:55Z Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection TAN, Kar Way DENG, Robert H. This paper studies the scenario where data in business documents is aggregated by different entities via the use of web services in streamlined business processes. The documents are transported within the Simple Object Access Protocol (SOAP) messages and travel through multiple intermediary entities, each potentially makes changes to the data in the documents. The WS-Security provides integrity protection by allowing portions of a SOAP message to be signed using eXtensible Markup Language (XML) signature scheme. This method however, has not considered the situation where a portion of data may be modified by another entity, therefore a need to allow the originating system to control which intermediary entity is authorized to change which portion of the data. The XML signature scheme also does not provide the final recipient the trust for the intermediary entity that makes the changes. In our paper, we study the security requirements for a streamlined business process, and proposes a novel scheme using sanitizable signature on SOAP messages to complement the XML signature to address not only integrity protection but also control of change as well as establishment of trust for intermediary entities. We show how the proposed scheme can be incorporated into the existing standards and be customizable to achieve flexible use of both the vanilla and sanitizable signatures as required in a business scenario. With the proposed technique, IT systems can be more loosely coupled and reap the benefits of distributed systems, such as delegation of work and encapsulation of business logic. 2009-06-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/463 info:doi/10.1109/ICWS.2009.34 https://ink.library.smu.edu.sg/context/sis_research/article/1462/viewcontent/01._ICWS2009_Applying_Sanitizable_Signature_to_Web_Service_Enabled_Business_Processes__Going_Beyond_Integrity_Protection.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Web services integrity protection SOAP message security XML signature Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Web services integrity protection SOAP message security XML signature Information Security |
spellingShingle |
Web services integrity protection SOAP message security XML signature Information Security TAN, Kar Way DENG, Robert H. Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection |
description |
This paper studies the scenario where data in business documents is aggregated by different entities via the use of web services in streamlined business processes. The documents are transported within the Simple Object Access Protocol (SOAP) messages and travel through multiple intermediary entities, each potentially makes changes to the data in the documents. The WS-Security provides integrity protection by allowing portions of a SOAP message to be signed using eXtensible Markup Language (XML) signature scheme. This method however, has not considered the situation where a portion of data may be modified by another entity, therefore a need to allow the originating system to control which intermediary entity is authorized to change which portion of the data. The XML signature scheme also does not provide the final recipient the trust for the intermediary entity that makes the changes. In our paper, we study the security requirements for a streamlined business process, and proposes a novel scheme using sanitizable signature on SOAP messages to complement the XML signature to address not only integrity protection but also control of change as well as establishment of trust for intermediary entities. We show how the proposed scheme can be incorporated into the existing standards and be customizable to achieve flexible use of both the vanilla and sanitizable signatures as required in a business scenario. With the proposed technique, IT systems can be more loosely coupled and reap the benefits of distributed systems, such as delegation of work and encapsulation of business logic. |
format |
text |
author |
TAN, Kar Way DENG, Robert H. |
author_facet |
TAN, Kar Way DENG, Robert H. |
author_sort |
TAN, Kar Way |
title |
Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection |
title_short |
Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection |
title_full |
Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection |
title_fullStr |
Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection |
title_full_unstemmed |
Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection |
title_sort |
applying sanitizable signature to web-service-enabled business processes: going beyond integrity protection |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2009 |
url |
https://ink.library.smu.edu.sg/sis_research/463 https://ink.library.smu.edu.sg/context/sis_research/article/1462/viewcontent/01._ICWS2009_Applying_Sanitizable_Signature_to_Web_Service_Enabled_Business_Processes__Going_Beyond_Integrity_Protection.pdf |
_version_ |
1770570435144974336 |