Secure model for soap message communication in web services

Abstract

Simple object access protocol (SOAP) is the communication protocol used by web services to communicate between systems. Since SOAP messages have the ability to bypass firewalls and directly get processed by web servers, their security is critical to the security of the web servers. Secure transit of SOAP messages plays a critical role for the applicability of web services. At present, internet users authenticate themselves using credential are vulnerable to security threats in presence of active attackers. This imposes a burden on users to manage their credentials in different ways. Along with the thorough development and application for web services, the security of it has taken people's attention more and more. While web services security (WSS) can exchange safe SOAP message and enhance the security of web services, it will also have certain influence to the performance of web services. This paper explore the security vulnerability of SOAP message transaction and taking advantage of the existing technologies and solutions related to SOAP and web services, we developing a highly developed security model. This model is useful for solving the problem between security and performance contradiction.