Realization of Threats and Countermeasure in Semantic Web Services

Abstract

Semantic Web services (SWS) are worn by large number of companies as they rendering products and services to customers and business partners throughout the Internet and corporate extranets. The security necessities for these service providers are of supreme importance. Platform-based security services are provided by operating system. Internet Information Services can be used to offer point-to-point business solutions. However message based architecture of SWS is increasingly being used, so new challenges automatically inherited from previous one. All these scenarios require security to be deal with at the message level, transmission level and mutual authentication to carry out cross-platform interoperability and routing through multiple middle level agent nodes. Semantic Web service environment (SWSE) need to implement different level security solutions for including authentication, identification, privacy and data integrity. The threats of network eavesdropping or information disclosure at intermediate application nodes must be addressed if our SWS requests or responses messages convey sensitive application data as credit card numbers, SSN number, employee details, and so on. We will discuss various categories of vulnerabilities and find out causes of threats. Countermeasures will be part of our discussion like Symmetric encryption using shared keys, asymmetric encryption using X.509 certificates, and Digital signature.