Open AccessSecurity enhancements for UDDI
Author(s) -
O'Ree Alexander J.,
Obaidat Mohammed S.
Publication year - 2011
Publication title -
security and communication networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.446
H-Index - 43
eISSN - 1939-0122
pISSN - 1939-0114
DOI - 10.1002/sec.217
Subject(s) - computer science , xml , web service , soap , ws i basic profile , world wide web , service oriented architecture , computer security , web application security , architecture , computer security model , database , web development , art , visual arts
The universal description, discovery, and integration (UDDI) OASIS standard, was designed for storing, publishing, and advertising information about XML web services. Commonly used in service oriented architecture (SOA) infrastructures, the security of UDDI is often overlooked. Embedded within the specification are “optional” security measures that are commonly not implemented or enforced. In this paper we describe the UDDI security model, potential security related concerns, and mitigation strategies. Preliminary performance evaluation results are presented to show the merits of our proposed scheme. Finally, an example of the registry with additional security constraints is analyzed and evaluated for performance. Copyright © 2011 John Wiley & Sons, Ltd.