Security and Privacy Technologies in सोया

Since 1998, the Extensible Markup Language (XML) has become a fundamental platform to build technologies on the Web. XML is used to represent fine-grained data that originates in repositories in machine-readable format by providing structure and the possibility of adding type information. A Web service is a software system that supports interoperable application-to-application interaction over the Web. Web services are fundamentally based on a set of XML standards, such as Web Services Description Language (WSDL), Simple Object Access Protocol (SOAP), and Universal Description, Discovery, and Integration (UDDI). The result of this approach is called service-oriented architecture (SOA).
This new architecture and set of protocols presents new security challenges such as confidentiality, integrity, anonymity, authentication, authorization, and availability. Several security solutions for Web services data have been proposed such as WS-Security and Security Assertion Markup Language (SAML). Privacy is one area of security; it is a state or condition of limited access to information. Privacy can often be guaranteed through security measures. To enable privacy protection for Web services, the World Wide Web Consortium published a document called "Web Services Architecture (WSA) Requirements" that defines some specific privacy requirements for Web services as a future research topic.
I have selected six articles to introduce you the relevant research works in the past five years. The article "Standards for XML and Web Services Security" by Martin Naedele presents a fundamental concept of XML with security protocols in Web services. The next the two articles—"Towards Standardized Web Services Privacy Technologies" and "Privacy Policy Compliance for Web Services"—discuss the basic components to implement a privacy framework in SOA. In "Exploring Privacy Issues in Web Services Discovery Agencies," Barbara Carminati and her colleagues address the privacy issues in service discovery.
One of the mandates of SOA is to support business processes. Wei Xu et al. discuss the composition of Web services to support business processes with privacy requirements in "A Framework for Building Privacy-Conscious Composite Web Services." Finally, the article "A Privacy Agreement Model for Web Services" by Salima Benbernou et al. discuss the privacy agreements in Web services to support business processes.
The readings in this TechSet will provide you with an understanding of how security and privacy issues are very critical to implement a full-scale SOA to support business processes.
Keywords: XML, standards, Web services security, privacy policies, UDDI, WSDL, SOAP, WS-Security, EPAL, P3P, Web services architecture, privacy issues, discovery agencies, service descriptions
Table of Contents
Standards for XML and Web Services Security
Martin Naedele, ABB Corporate Research
Summary: Several standards are establishing a framework for integrating security into domain-specific XML-based applications.
Towards Standardized Web Services Privacy Technologies
Patrick C. K. Hung, University of Ontario Institute of Technology, Canada
Elena Ferrari and Barbara Carminati, Universit� dell'Insubria at Como, Italy
Summary: To enable privacy protection for Web service consumers, the World Wide Web Consortium published a document that defines some specific privacy requirements for Web services. This article overviews the research issues of Web services privacy technologies.
Privacy Policy Compliance for Web Services
George Yee and Larry Korba, National Research Council Canada
Summary: This article examines privacy legislation to derive requirements for privacy policy compliance systems. The authors propose an architecture for a privacy policy compliance system that satisfies these requirements.
Exploring Privacy Issues in Web Services Discovery Agencies
Barbara Carminati, University of Insubria at Como, Italy
Elena Ferrari, University of Insubria at Como, Italy
Patrick C.K. Hung, University of Ontario Institute of Technology (UOIT), Canada
Summary: The increasing discussions concerning Web services privacy often neglect a key building block of the Web services architecture: discovery agencies. This overview of discovery agency privacy issues highlights the various challenges and proposes different technical approaches for addressing them.
A Framework for Building Privacy-Conscious Composite Web Services
Wei Xu, R. Sekar, I.V. Ramakrishnan, Stony Brook University
V.N. Venkatakrishnan, University of Illinois at Chicago
Summary: The authors propose a framework that addresses consumer privacy concerns in the context of highly customizable composite Web services. Their approach uses automated techniques to check for compliance of consumer privacy policies.
A Privacy Agreement Model for Web Services
Salima Benbernou, Hassina Meziane, Mohand-Said Hacid, Universit'e de Lyon
Yin Hua Li, University New South Wales
Summary: Privacy policies do not convince individuals to disclose their personal data, guarantee the protection of personal information, or provide a process for handling a possible evolution of the policies. The authors propose a framework based on a privacy agreement to help solve these problems. Recommended Resources -->