An Enhanced Security Mechanism for Web Service Based Systems

Web service technologies have been widely used in diverse applications. However, there are still many security challenges in reliability, confidentiality and data nonrepudiation, which are prominent especially in some Web service systems that have massive resources in diverse forms. An enhanced mechanism for secure accesses of Web resources is presented and implemented based on the combination of modules of identity authentication, authorized access, and secure transmission to improve the security level of these systems. In the identity authentication, the highly safe and recognized authentication method U-Key is used. For the aspect of authorized access, the integration of an improved Spring Security framework and J2EE architecture is applied to ensure authorized access to Web resources, while the security interceptor of Spring Security is extended and a series of security filters are added to keep web attacks away. Moreover, some improvements of the XML encryption and XML decryption algorithm are made to enhance the security and speed of data transmission, by means of mixing RSA and DES algorithm. The above security mechanism has been applied to an online virtual experiment platform based on Web services named VeePalms. The experimental results show that most security problems with high severity in the system have been solved and medium-low severe problems degreased dramatically.