Cryptography in E-Mail and Web Services

Applied Cryptography for Cyber Security and Defense ◽

10.4018/978-1-61520-783-1.ch004 ◽

2011 ◽

pp. 79-129

Author(s):

Wasim A Al-Hamdani

Keyword(s):

Web Services ◽

Web Service ◽

Web Based ◽

Web Service Security ◽

Xml Signature ◽

Personal Use ◽

Remote System ◽

A Site ◽

Mail Service ◽

E Mail

Cryptography has been used since ancient times in many different shapes and forms to protect messages from being intercepted. However, since 1976, cryptography started to be part of protected public communication when e-mail became commonly used by the public. Webmail (or Web-based e-mail) is an e-mail service intended to be primarily accessed via a web browser, as opposed to through an e-mail client, such as Microsoft Outlook, Mozilla‘s Thunderbird Mail. Very popular webmail providers include Gmail, Yahoo! Mail, Hotmail and AOL. Web based email has its advantages, especially for people who travel. Email can be collected by simply visiting a website, negating the need for an email client, or to logon from home. Wherever a public terminal with Internet access exists one can check, sends and receive email quickly and easily. Another advantage of web based email is that it provides an alternate address allowing user to reserve his/her ISP address for personal use. If someone would like to subscribe to a newsletter, enter a drawing, register at a website, participate in chats, or send feedback to a site, a web based email address is the perfect answer. It will keep non-personal mail on a server for you to check when you wish, rather than filling up your private email box. Web service is defined as “a software system designed to support interoperable machine-to-machine interaction over a network”. Web services are frequently just Internet application programming interfaces (API) that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services. Other approaches with nearly the same functionality as web services are Object Management Group‘s (OMG) Common Object Request Broker Architecture (CORBA), Microsoft‘s Distributed Component Object Model (DCOM) or SUN‘s Java/Remote Method Invocation (RMI). Integrating Encryption with web service could be performing in many ways such as: XML Encryption and XML Signature. In this article we present client and Web-based E-mail, next generation E-mail and secure E-mail, followed by cryptography in web service and the last part is the future of web service security. The article start with the integration of cryptography with E-mail client and web base then the integration of cryptography and web service is presented. At the end of the major two sections: e-mail service and web service there is a general prospect vision of encryption future for e-mail service and web service. This section presents our view for the cryptography integration with the second generation of e-mail and web service.

Download Full-text

Using SAML and XACML for Web Service Security&Privacy

Securing Web Services ◽

10.4018/978-1-59904-639-6.ch008 ◽

2008 ◽

pp. 182-205 ◽

Cited By ~ 7

Author(s):

Tuncay Namli ◽

Asuman Dogac

Keyword(s):

Web Services ◽

Access Control ◽

Web Service ◽

User Authentication ◽

Security And Privacy ◽

Web Service Security ◽

Technology Changes ◽

Attribute Information ◽

Healthcare Monitoring ◽

Service Standards

Web service technology changes the way of conducting business by opening their services to the whole business world over the networks. This property of Web services makes the security and privacy issues more important since the access to the services becomes easier. Many Web service standards are emerging to make Web services secure and privacy protected. This chapter discusses two of them; SAML (OASIS, 2005) and XACML (OASIS, 2005). SAML is an XML-based framework for communicating user authentication, entitlement, and attribute information. In other words, SAML handles the user authentication and also carries attribute information for authorization (access control). XACML is the complementary standard of OASIS to make the access control decisions. This work is realized within the scope of the IST 027074 SAPHIRE Project which is an intelligent healthcare monitoring and decision support system.

Download Full-text

Web Service Interfaces for Design Repositories

Volume 3: 25th Computers and Information in Engineering Conference, Parts A and B ◽

10.1115/detc2005-85386 ◽

2005 ◽

Author(s):

Joshua Shaffer ◽

Joseph B. Kopena ◽

William C. Regli

Keyword(s):

User Interface ◽

Web Services ◽

Web Service ◽

Engineering Design ◽

Search Algorithms ◽

Design Knowledge ◽

Important Goal ◽

Widespread Application ◽

Web Based ◽

Core Functionality

Reuse of design knowledge is an important goal in engineering design, and has received much attention. A substantial set of algorithms, methodology, and developed systems exist which support various aspects of this goal. However, the majority of these systems are built around a particular user interface, often some form of Web-based repository portal. The work described here presents search and other core functionality as web services rather than a monolithic repository system. These services may then be employed by a variety of applications, integrating them into interfaces familiar to the designer, extending functionality, streamlining their use, and enabling them to be employed throughout the design process. This paper demonstrates this approach by wrapping previously developed repository search algorithms as web services, and then using these within a plug-in for an existing commercial CAD environment. Based on issues encountered in developing this demonstration, this paper also discusses the challenges and potential approaches toward a more general, widespread application of web services in engineering design.

Download Full-text

A Web Based Data Processing Concept for Building Diagnostics and Performance Evaluation

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.887.641 ◽

2019 ◽

Vol 887 ◽

pp. 641-649

Author(s):

Matthias Schuss ◽

Farhang Tahmasebi ◽

Ardeshir Mahdavi

Keyword(s):

Performance Evaluation ◽

Web Services ◽

Data Processing ◽

Web Service ◽

Data Access ◽

Data Logging ◽

Time Data ◽

Web Based ◽

Related Service ◽

The Impact

Buildings are responsible for a major amount of the annual energy consumption. A detailed recording and evaluation of building data could provide a deeper understanding of building operation schemes and the corresponding performance. This could help building owners and operators to evaluate and better understand the actual situation. Based on this (real-time) data an optimized operation scheme can be designed and implemented for future time steps. Additionally, a more detailed understanding of the impact of previous building systems interactions will be possible. The building automation industry and the related service provider sector are actually providing proprietary solutions for data logging, visualization and energy optimization. Such solutions are regularly integrated into their own specific software of the used proprietary building management solutions. As an alternative, we suggest an Internet of Things (IoT) and web services inspired concept for the implementation of a generic web service for building diagnostics. Our suggestion encompasses a holistic performance evaluation that considers both the energy consumptions and delivered building service. In this contribution, a general design of a web service based solution is presented and the future possibilities for data access from various sources are discussed. Furthermore, details of actually developed and demonstratively implemented software components for data preprocessing are presented. Data processing examples for different types of data are included and highlight the potential of such web-based approaches. Moreover, possibilities for improved building control by the use of web services for operation schedule generation or model predictive control are illustrated and critically debated.

Download Full-text

Web service-based grid resource discovery

10.32920/ryerson.14663736.v1 ◽

2021 ◽

Author(s):

Syed Saadat Bokhari

Keyword(s):

Web Services ◽

Web Service ◽

Resource Discovery ◽

The Internet ◽

Application Layer ◽

Grid Resource ◽

Web Based ◽

Grid Resource Discovery

This thesis proposes a single and scalable web-based model for grid resource discovery for the Internet. The proposed resource discovery model contains the metadata and resource finder web services. The information of resource finder web services is kept in the repositories that are distributed in the application layer of [sic] Internet. The resource finder web services will be discovered by sending queries to the repositories in a similar way as the DNS protocol. The underlying technology for implementation of the two architectures of this model is introduced.

Download Full-text

Enhancing Security Modeling for Web Services Using Delegation and Pass-On

International Journal of Web Services Research ◽

10.4018/jwsr.2010010101 ◽

2010 ◽

Vol 7 (1) ◽

pp. 1-21 ◽

Cited By ~ 4

Author(s):

Wei She ◽

I-Ling Yen ◽

Bhavani Thuraisingham

Keyword(s):

Web Services ◽

Web Service ◽

Information Flow ◽

Security Model ◽

Security Issues ◽

Web Service Security ◽

Security Models ◽

Composite Services ◽

Service Environments ◽

Security Standards

In recent years, security issues in web service environments have been widely studied and various security standards and models have been proposed. However, most of these standards and models focus on individual web services and do not consider the security issues in composite services. In this article, the authors propose an enhanced security model to control the information flow in service chains. It extends the basic web service security models by introducing the concepts of delegation and pass-on. Based on these concepts, new certificates, certificate chains, delegation and pass-on policies, and how they are used to control the information flow are discussed. The authors also introduce a case study from a healthcare information system to illustrate the protocols.

Download Full-text

Google

Online Consumer Protection ◽

10.4018/978-1-60566-012-7.ch001 ◽

2009 ◽

pp. 1-15

Author(s):

Andrew Pauxtis

Keyword(s):

Web Sites ◽

Search Engines ◽

Personal Space ◽

Main Stream ◽

Personal Privacy ◽

End User ◽

Internet Service ◽

Web Based ◽

Mail Service ◽

E Mail

What began as simple homepages that listed favorite Web sites in the early 1990’s have grown into some of the most sophisticated, enormous collections of searchable, organized data in history. These Web sites are search engines—the golden gateways to the Internet—and they are used by virtually everyone. Search engines, particularly Google, log and stamp each and every search made by end-users and use that collected data for their own purposes. The data is used for an assortment of business advantages, some which the general population is not privy too, and most of which the casual end-user is typically unfamiliar with. In a world where technology gives users many conveniences, one must weigh the benefits of those conveniences against the potential intrusions of personal privacy. Google’s main stream of revenue is their content-targeted “AdWords” program. AdWords—while not a direct instance of personal privacy breach—marks a growing trend in invading personal space in order to deliver personalized content. Gmail, Google’s free Web-based e-mail service, marked a new evolution in these procedures, scanning personal e-mail messages to deliver targeted advertisements. Google has an appetite for data, and their hundreds of millions of users deliver that every week. With their eyes on moving into radio, television, print, establishing an Internet service provider, furthering yet the technology of AdWords, as well as creating and furthering technology in many other ventures, one must back up and examine the potential privacy and intrusion risks associated with the technological conveniences being provided.

Download Full-text

Enhancing Security Modeling for Web Services Using Delegation and Pass-On

Web Service Composition and New Frameworks in Designing Semantics ◽

10.4018/978-1-4666-1942-5.ch013 ◽

2012 ◽

pp. 286-307

Author(s):

Wei She ◽

I-Ling Yen ◽

Bhavani Thuraisingham

Keyword(s):

Web Services ◽

Web Service ◽

Information Flow ◽

Security Model ◽

Security Issues ◽

Web Service Security ◽

Security Models ◽

Composite Services ◽

Service Environments ◽

Security Standards

Download Full-text

Certification and Security Issues in Biomedical Grid Portals

IT Policy and Ethics ◽

10.4018/978-1-4666-2919-6.ch062 ◽

2013 ◽

pp. 1377-1399

Author(s):

Charalampos Doukas ◽

Ilias Maglogiannis ◽

Aristotle Chatziioannou

Keyword(s):

Web Service ◽

User Authentication ◽

Data Encryption ◽

Proper Function ◽

Sensitive Data ◽

Web Based ◽

Security Issues ◽

Web Service Security ◽

Security Infrastructure ◽

Secure Authentication

User authentication and data security are very important aspects for the deployment and proper function of biomedical grid portals, since both sensitive data issues and controlled access to grid resources must be addressed. This chapter discusses certification and security issues in biomedical grid portals and presents the security infrastructure of GRISSOM (Grids for In Silico Systems biology and Medicine) platform. The platform consists of a web-based portal and a Web Service that enables statistical analysis of microarray cDNA data with the use of EGEE Grid infrastructure. The security infrastructure addresses user authentication and access issues, data encryption, Grid secure access and Web Service Security. The appendix of the chapter contains code snapshots on how to implement secure authentication in Web Services and create user SSL certificates on demand.

Download Full-text

Web services and web service security standards

Information Security Technical Report ◽

10.1016/j.istr.2004.11.001 ◽

2005 ◽

Vol 10 (1) ◽

pp. 15-24 ◽

Cited By ~ 16

Author(s):

Christian Geuer-Pollmann ◽

Joris Claessens

Keyword(s):

Web Services ◽

Web Service ◽

Web Service Security ◽

Security Standards

Download Full-text

IMPLEMENTASI WEB SERVICE UNTUK PERANCANGAN APLIKASI ZOOPEDIA BERBASIS ANDROID

10.31219/osf.io/a7eqf ◽

2021 ◽

Author(s):

Angger Binuko Paksi

Keyword(s):

Web Services ◽

Web Service ◽

Information Exchange ◽

Large Scale ◽

Web Applications ◽

The Internet ◽

Bandwidth Utilization ◽

Web Based ◽

High Bandwidth ◽

Using Data

The need for the utilization of information via the internet , making the flow of information exchange through the Internet increased rapidly . This makes the need for very high bandwidth availability . The development of the software could not be separated from the need for it . In large-scale distributed computing environments , which are sought bandwidth utilization as efficient as possible , because the availability of Internet infrastructure does not run as fast as the need for information exchange space.Web services allow two applications to communicate with each other despite the different application platforms . By using Web services , the Java platform applications can communicate with a PHP application platform . In designing applications based on android Zoopedia will utilize web services to access data in a web -based server . That way when there is an update the data in the application server zoopedia will also update the data.With the implementation of web service technology in mobile applications integrated with web applications , is expected to provide application Zoopedia effectiveness and efficiency in the distribution of data , can be developed by many people who want to develop applications by using data that has been provided by the web service . With the restrictions on data sharing web service is expected to reduce the possibility of destruction of data by parties that are not desirable.

Download Full-text