Security protection using simple object access protocol (SOAP) messages techniques

Abstract

Web services are modular and distributed applications and are based on industry standard technologies. Nowadays, a message traveling through Internet is relatively simple to be read or modified. This is due to the complexity of network and the existence of many points of attack. SOAP is a protocol specification for invoking methods on servers, services, components and objects, a way to create widely distributed complex computing environments that run over the Internet using existing Internet infrastructure. SOAP is about applications communicating directly with each other over the Internet in a very rich way. The simple object access protocol (SOAP), allows communication across heterogeneous platforms. Some of the security procedures (authentication, authorization and encryption) are needed to represent a Web service protocols. Sensitive information is used across the network. This paper focuses on the attacks of the message by intruders and how to prevent these messages when they are exchange data between server and clients, or when traveling queries through the application web service. Where protocol binding framework used to allow SOAP messages to be transported using different protocols (HTTP, SMTP,...) The development of security infrastructure to provide secure communications among users using "encryption" for SOAP messages for queries transfer, and establishment of aframework to develop security applications and other information queries, to solve the problem of many attacks as an intruders. The .Net framework used to transmit queries between server and clients through the encrypted SOAP messages using agent system and depending on the XMLP-based protocols.