Abstract Web services are quickly becoming the most popular tool for distributed computing. Due to this popularity a comprehensive security architecture is needed. In this paper we introduced such a comprehensive architecture that includesin addition to the standard services of integrity and confidentiality- authentication, authorization and a defense against denial of service attacks. This model builds on existing standards such as... Web services are quickly becoming the most popular tool for distributed computing. Due to this popularity a comprehensive security architecture is needed. In this paper we introduced such a comprehensive architecture that includesin addition to the standard services of integrity and confidentiality- authentication, authorization and a defense against denial of service attacks. This model builds on existing standards such as SOAP, WSS and XACML. A detailed implementation with performance evaluation using the open source Apache tools is also discussed. Read More Read Less

Abstract Several researches have been proposed over the past years to specify a selective access control for XML document. However, most of the previous researches only consider read privilege while specifying XML access control when access control policies support update rights is untouched. Therefore, a challenging issue is how to define an XML access control model to handle update operations that... Several researches have been proposed over the past years to specify a selective access control for XML document. However, most of the previous researches only consider read privilege while specifying XML access control when access control policies support update rights is untouched. Therefore, a challenging issue is how to define an XML access control model to handle update operations that include insertion, deletion, and modification. In this study, we propose an XML access control model to support update privileges. Moreover, we formalize update operations supported by our proposed XML access control model based on the different default and conflict resolution policies which are applied to them. Read More Read Less

Abstract In today’s mobile communication systems, security offered by the network operator is often limited to the wireless link. This means that data delivered through mobile networks are not sufficiently protected. In the particular growing field of interest of machine-to-machine (M2M) communications, these applications typically require a mobile, secure and reliable means of data communication. This paper compared two (2) cryptographic... In today’s mobile communication systems, security offered by the network operator is often limited to the wireless link. This means that data delivered through mobile networks are not sufficiently protected. In the particular growing field of interest of machine-to-machine (M2M) communications, these applications typically require a mobile, secure and reliable means of data communication. This paper compared two (2) cryptographic mechanisms, the RSA-AES and the AES-EAX PSK which provide end-to-end security for SMS-based transmission. We implemented these two (2) mechanisms assuming the constraints of standard SMS network and measured their performance in terms of transaction time. Our study indicated that in terms of processing time, the Authenticated Encryption and Associate Data (AEAD) modes represented by EAX performed better even when the digital signature of the Public Key Infrastructure (PKI) mode represented by RSA was not included. Read More Read Less

Abstract The paper provides an overview of three common virtualization threats that have been observed in log files in the authors' network and suggests solutions to mitigate those security vulnerabilities. The solutions offered have been implemented on a network with over 200 hosts 40 of which are virtualized.... The paper provides an overview of three common virtualization threats that have been observed in log files in the authors' network and suggests solutions to mitigate those security vulnerabilities. The solutions offered have been implemented on a network with over 200 hosts 40 of which are virtualized. Read More Read Less

Abstract Web services are composable, interoperable, and autonomous which means that a single web service interaction could involve services written in several different languages provided by several different service providers. Such interactions hamper the development of RTS techniques because RTS techniques generally require some form of implementation details which service providers in separate autonomous systems are unlikely to expose. In this... Web services are composable, interoperable, and autonomous which means that a single web service interaction could involve services written in several different languages provided by several different service providers. Such interactions hamper the development of RTS techniques because RTS techniques generally require some form of implementation details which service providers in separate autonomous systems are unlikely to expose. In this work, a privacy-aware, end-to-end regression testing framework employing a RTS technique using Control-Flow Graphs (CFGs) built using only locally available information at each service and a publish/subscribe mechanism will be presented. The proposed framework is unique because it does not require service providers to expose private and sensitive implementation details in order to participate in the regression testing framework. Also, a case study will be presented to highlight the approach and an empirical study is performed to evaluate the cost-effectiveness of the approach. Read More Read Less