Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection

This paper studies the scenario where data in business documents is aggregated by different entities via the use of web services in streamlined business processes. The documents are transported within the Simple Object Access Protocol (SOAP) messages and travel through multiple intermediary entities...

Bibliographic Details
Main Authors: TAN, Kar Way, DENG, Robert H.
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2009
Subjects: Web services; integrity protection; SOAP message security; XML signature; Information Security
Online Access: https://ink.library.smu.edu.sg/sis_research/463
https://ink.library.smu.edu.sg/context/sis_research/article/1462/viewcontent/01._ICWS2009_Applying_Sanitizable_Signature_to_Web_Service_Enabled_Business_Processes__Going_Beyond_Integrity_Protection.pdf
Institution: Singapore Management University
id sg-smu-ink.sis_research-1462
record_format dspace
spelling sg-smu-ink.sis_research-1462 2018-01-12T03:10:55Z
2009-06-01T07:00:00Z text application/pdf
info:doi/10.1109/ICWS.2009.34
http://creativecommons.org/licenses/by-nc-nd/4.0/
Research Collection School Of Computing and Information Systems
eng
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Web services
integrity protection
SOAP message security
XML signature
Information Security
description This paper studies the scenario where data in business documents is aggregated by different entities via the use of web services in streamlined business processes. The documents are transported within the Simple Object Access Protocol (SOAP) messages and travel through multiple intermediary entities, each of which potentially makes changes to the data in the documents. The WS-Security provides integrity protection by allowing portions of a SOAP message to be signed using eXtensible Markup Language (XML) signature scheme. This method, however, has not considered the situation where a portion of data may be modified by another entity; therefore there is a need to allow the originating system to control which intermediary entity is authorized to change which portion of the data. The XML signature scheme also does not provide the final recipient the trust for the intermediary entity that makes the changes. In our paper, we study the security requirements for a streamlined business process, and propose a novel scheme using sanitizable signature on SOAP messages to complement the XML signature to address not only integrity protection but also control of change as well as establishment of trust for intermediary entities. We show how the proposed scheme can be incorporated into the existing standards and be customizable to achieve flexible use of both the vanilla and sanitizable signatures as required in a business scenario. With the proposed technique, IT systems can be more loosely coupled and reap the benefits of distributed systems, such as delegation of work and encapsulation of business logic.
_version_ 1770570435144974336