Using mobile phones to access Web Services in a secure way. Dan Marinescu
|
|
- Willis Jacobs
- 8 years ago
- Views:
Transcription
1 Using mobile phones to access Web Services in a secure way Dan Marinescu March 7, 2007
2 Abstract Web Services is a technology that has gained in acceptance and popularity over the past years. The promise of providing interoperability in a heterogeneous world, as well as the possibility of offloading operations that require high processing power, make the mobile phones an ideal target device for accessing web services. But along with these advantages come security concerns. This article presents how Web Services can be accessed using a mobile phone, and how the communication between the web service and the mobile phone client can be secured.
3 Contents 1 Introduction 2 2 Background JavaME Web Services Accessing Web Services using the JavaME Web Services API Introduction to the J2ME Web Services API Using the JavaME Web Services API Security and Trust Services API: Providing security for JavaME applications Introduction to the Security and Trust Services API Using SATSA PKI to secure the communication with Web Services Discussion and Conclusion 12 1
4 1 Introduction In this article, the Java Platform, Micro Edition (JavaME) will be used to demonstrate how a mobile phone and a Web Service can communicate in a secure way. Section 2 briefly introduces the JavaME Platform and the basic concepts behind Web Services. Afterwards, in Section 3, the JavaME Web Services API will be presented, together with an example of how to access a Web Service using this API. Section 4 introduces the JavaME Security and Trust Services API and extends the previous example by using this API to secure the communication between the mobile phone and the Web Service. Finally, Section 5 concludes this article. 2
5 2 Background 2.1 JavaME JavaME is an application platform for mobile devices. Developers using JavaME can develop applications, using the Java language, that are portable across a long range of mobile devices (like PDAs, TV set-top boxes and of course mobile phones) and operating systems. A further discussion of JavaME is outside the purpose of this article. More information regarding JavaME can be found at jsp. 2.2 Web Services In order to be accessed by a client, a Web Service needs to be developed and deployed in a way that is understandable for the client. The Web Services Description Language (WSDL) is an XML-based language used to describe a public interface for a Web Service. This includes information like the address where the Web Service is located and the publicly available functions it provides. After a Web Service has been deployed, it can be accessed by a client. The communication between the client and the Web Service takes place using SOAP, an XML-based protocol used to exchange object data. Although SOAP can be used in conjunction with several transport protocols like SMTP or FTP, it is HTTP that is becoming the standard way of transporting SOAP. 3
6 3 Accessing Web Services using the JavaME Web Services API 3.1 Introduction to the J2ME Web Services API The Java ME Web Services API (WSA) is defined through the Java Community Process as Java Specification Request (JSR) 172. Its purpose is to provide mobile applications written in Java with a way of accessing Web Services, and it does that by providing two optional packages: A package for XML processing, based on the Simple API for XML 2 (SAX2) 1 and the Java API for XML Processing (JAXP) 2 A package for remote service invocation, representing a subset of the Java API for XML-based RPC version 1.1 (JAX-RPC 1.1) 3 For the purpose of this article we will focus on the second package, namely the JAX-RPC 1.1 subset. Figure 1 shows the common components of a JavaME application that consumes Web Services using WSA. The two main components that are communicating are the service provider (also known as the endpoint) and the service consumer (also called the client). They communicate over the network by using SOAP encoded messages, typically transported over HTTP. Figure 1: The components of a mobile application consuming Web Services with JavaME WSA [2] 1 see for more information 2 see for more information 3 see for more information 4
7 On the service provider side, the services represent the business logic and are hosted inside a so-called SOAP engine. The SOAP engine provides the JAX-RPC SOAP runtime for service invocation. The ties component represent the proxy classes responsible for marshalling and unmarshalling data. Requests and responses are, in this case, transported over the Web by means of a Web Server. The service consumer side is located inside the mobile device. According to the JSR 172 specification, the JAX-RPC runtime is embedded in the device by the manufacturer. On top of that are the client stubs, which represent the remote service, thereby hiding the complexity of data-encoding and communication with the service. The application logic uses the stubs to access the services as if it would be locally (from the applications point of view) located. Note that WSA provides only a subset of JAX-RPC 1.1. This involves some limitations, among which no support for SOAP Message Handlers and the possibility of accessing SOAP Endpoints only in document/literal modus. 3.2 Using the JavaME Web Services API Now that the basic concepts behind WSA have been introduced, let s see an example of how this API can be used to access a Web Service. In this example, the mobile client will access a Broker Web Service that buys stocks on behalf of the client. The client does that by calling the method buy(string identifier), just like in Figure 2. In order to keep this example simple, the only parameter of the buy() method is an identifier which contains information regarding the customer, the type and amount of stocks to be bought. The Web Service answers by confirming that the stocks were bought. Figure 2: Example: Mobile client calls the Broker Web Service 5
8 The first step in developing the client is generating the client stubs. This can be achieved by using the stub generator that comes with the Sun Java Wireless Toolkit 2.5. As shown in Figure 3, the stub generator needs to be provided with the URL of the WSDL file, the output path and the name of the package where the stub files will be generated. Figure 3: Example: Mobile client calls the Broker Web Service In this example, two files are generated: BrokerWS_Stub.java and BrokerWS.java. The BrokerWS.java is an interface which provides the signature of the buy() method provided by the Broker Web Service. The BrokerWS_Stub class implements this interface, as well as the javax.xml.rpc.stub interface and masks the entire complexity of the remote method invocation. Since these files are automatically generated, it is not recommended to edit and modify them. 6
9 Once the stubs have been generated, an object of type BrokerWS_Stub can be instantiated in the application code, just like in line 2 of Listing 1. In line 3, the target service endpoint address is specified by using the _setproperty() method, while in line 4 is indicated that the client wants to participate in a session with a service endpoint. After these configuration steps, the buy() method can be called. Line 5 shows that, from the client applications point of view, the call takes place just like a normal local call. The String response contains the answer of the Web Service SecureBrokerWS_Stub service = new SecureBrokerWS_Stub (); 3 service. _setproperty ( Stub. ENDPOINT_ADDRESS_PROPERTY, serviceurl ); 4 service. _setproperty ( Stub. SESSION_MAINTAIN_PROPERTY, new Boolean ( true )); 5 String response = service. buy (" fooid "); 6... Listing 1: Calling the Broker Web Service by using the stubs in the application code This example shows how simple it is to use WSA together with the Sun Java Wireless Toolkit 2.5 for accessing Web Services. After the stubs were automatically generated, it only took 4 lines of code to call the desired method on the Web Service. 7
10 4 Security and Trust Services API: Providing security for JavaME applications 4.1 Introduction to the Security and Trust Services API The Security and Trust Services API (SATSA) is defined through the Java Community Process as JSR 177. The main driving factor for this API was e-commerce and the motivation was to provide mobile applications with the ability of communicating in a secure way. SATSA is focused on achieving security by using so-called secure elements like Smart Cards or Wireless Identification Modules which provide basic cryptographic functionalities like confidentiality, authentication and integrity by means of encryption and digital signatures. SATSA is composed by four sub-apis, as it can be observed in Figure 4. Furthermore, they can be categorized in communication APIs: SATSA-Application Protocol Data Unit (APDU) Communication API and SATSA-Java Card RMI (JCRMI) Communication API, used for communicating with secure elements like Smart Cards by means of a lowlevel respectively an RMI-based protocol, and pure security APIs: SATSA-Public Key Infrastructure (PKI) Signature Service API and SATSA-CRYPTO Cryptographic API. For the purpose of this article the focus will be on SATSA-PKI. Further information with respect to the other SATSA APIs, including SATSA-PKI, can be obtained in [3], [4] and [1]. Figure 4: The SATSA APIs [3] SATSA-PKI provides a mobile application with the possibility of both requesting a digital signature from a Smart Card and managing certificates. A generated signature 8
11 can either be used to provide authentication, or it can be used for integrity and nonrepudiation. 4.2 Using SATSA PKI to secure the communication with Web Services Section 3 described how WSA can be used to access a Broker Web Service. The problem with this example is that no authentication takes place, so that anyone can use the service to buy stocks on behalf of someone else. In this subsection an approach to solving this problem is presented, using digital signatures generated by a Smart Card to authenticate the customer. For this, the Secure Broker Web Service is used as service endpoint. This Web Service is similar with the Broker Web Services, the only difference being that the Secure Broker Web Service expects a byte array as input for the buy() method. Generating the appropriate stubs and calling the Web Service is done just like in Subsection 3.2. The communication between the Mobile Client, the Smart Card and the Web Service is shown in Figure 5. Figure 5: Example: Mobile client generates a signature and calls the Secure Broker Web Service To generate a digital signature, the class CMSMessageSignatureService belonging SATSA-PKI API is used. This class defines 3 methods: one for authentication using a 9
12 string as input for the signature, one for authentication using a byte array as input and one for integrity and non-repudiation that uses a string as input. For this example, the method authenticate() taking a string as input will be used. The result will be a byte array that complies to the Formatted Digital Signature 4 format. Since the actual signing process takes place on the Smart Card, a communication with the Smart Card must take place.the Sun Java Wireless Toolkit (WTK) comes with the Java Card Platform Simulator which can be used to simulate Smart Cards in the Sun WTK emulator s slots. Along with this simulator come a couple of prebuilt memory images and a demo of how to use the SATSA-PKI API together with such an image to generate a digital signature. In order to communicate with the Secure Broker Web Service, the client application needs to provide a byte array containing the previous identifier, but this time it has to be signed and must include the certificate corresponding to the private key that was used to sign the string identifier. Listing 2 shows how this byte array is created. In line 4, the method autheticate() is called using as parameter a string identifier to be signed. The second parameter specifies that both the certificate and the content should be embedded in the output, whereas the canames parameter indicates which certificate should be used. The userprompt parameter is a string that is shown to the user when a connection with the Smart Card can not be established. To establish such a connection using the Sun WTK, the Java Card Platform Simulator needs to be started using the appropriate memory image. The entire code in Listing 2 must be executed in a separate thread. This is because the JSR 177 specification obliges the manufacturers of mobile devices that provide SATSA support to handle issues like requesting a PIN from the user in order to access the private key used for signature or showing the string to be signed to the user previous to signing. Such UI interaction can cause problems if is not implemented in a separate thread or if the application does not take in consideration that generating a signature involves additional user interaction String caname = "c=us,st =CA,l= Santa Clara,o= dummy CA,ou=JCT,cn= thehost "; 3 String [] canames = new String [1]; 4 authsignature = CMSMessageSignatureService. authenticate ( stringtosign, CMSMessageSignatureService. SIG_INCLUDE_CERTIFICATE CMSMessageSignatureService. SIG_INCLUDE_CONTENT, canames, userprompt ); 5... Listing 2: Generating a signature using SATSA-PKI Once the byte array containing the signed identifier (this is the same identifier used with the Broker Web Service and presented in Section 3) has been generated, it can be used as parameter to call the Secure Broker Web Service. In such a way the Secure Broker
13 Web Service can make sure that the request to buy stocks comes from the right person and has not been faked. The mobile client and the Web Service have now communicated in a secure way. 11
14 5 Discussion and Conclusion The purpose of this article was to show how two of the recently developed, optional JavaME APIs can be used to consume Web Services in a secure way. Using this approach presents some problems and limitations. The biggest problem is that, in this way, the developer of a Web Service must deal with both business logic and security issues. This is definitely not the right way, since security is a non-functional property of a system and should be separated from the business logic. Another problem of this approach is that there is no way of providing confidentiality by encrypting sensitive data or parts of a SOAP message transported over the network. Transport layer security like SSL cannot help here, since SOAP messages might travel between more hops. Message layer security can be provided by using WS-Security 5, a standard developed to solve the special security requirements of Web Services. It is also impossible to determine if a Web Service requires security just by analyzing the WSDL file. A solution for this problem, still under development, is to use a standard called WS-Policy 6. Still, the approach presented in this article can be used when the developer of the mobile application and the developer of the Web Service are one and the same, and the only security requirement is to provide authentication by using strong cryptography, like smart cards do
15 References [1] Sun Microsystems. Security and trust services apis for java 2 platform, micro edition. December [2] C. Enrique Ortiz. Introduction to j2me web services. April [3] C. Enrique Ortiz. The security and trust services api for j2me, part 1. March [4] C. Enrique Ortiz. The security and trust services api for j2me, part 2. September
Java ME Clients for XML Web Services
66 Java ME Clients for XML Web Services Paul POCATILU Academy of Economic Studies, Bucharest Using Web services in developing applications has many advantages like the existence of standards, multiple
More informationDeveloping Java Web Services
Page 1 of 5 Developing Java Web Services Hands On 35 Hours Online 5 Days In-Classroom A comprehensive look at the state of the art in developing interoperable web services on the Java EE platform. Students
More informationWEB SERVICES. Revised 9/29/2015
WEB SERVICES Revised 9/29/2015 This Page Intentionally Left Blank Table of Contents Web Services using WebLogic... 1 Developing Web Services on WebSphere... 2 Developing RESTful Services in Java v1.1...
More informationInvocación remota (based on M. L. Liu Distributed Computing -- Concepts and Application http://www.csc.calpoly.edu/~mliu/book/index.
Departament d Arquitectura de Computadors Invocación remota (based on M. L. Liu Distributed Computing -- Concepts and Application http://www.csc.calpoly.edu/~mliu/book/index.html) Local Objects vs. Distributed
More informationA Middleware-Based Approach to Mobile Web Services
Abstract A Middleware-Based Approach to Mobile Web Services Pampa Sadhukhan, Pradip K Das, Rijurekha Sen, Niladrish Chatterjee and Arijit Das Centre for Mobile Computing and Communication (CMCC), Jadavpur
More informationJAVA API FOR XML WEB SERVICES (JAX-WS)
JAVA API FOR XML WEB SERVICES (JAX-WS) INTRODUCTION AND PURPOSE The Java API for XML Web Services (JAX-WS) is a Java programming language API for creating web services. JAX-WS 2.0 replaced the JAX-RPC
More informationCopyright 2012, Oracle and/or its affiliates. All rights reserved.
1 OTM and SOA Mark Hagan Principal Software Engineer Oracle Product Development Content What is SOA? What is Web Services Security? Web Services Security in OTM Futures 3 PARADIGM 4 Content What is SOA?
More informationMobility Information Series
SOAP vs REST RapidValue Enabling Mobility XML vs JSON Mobility Information Series Comparison between various Web Services Data Transfer Frameworks for Mobile Enabling Applications Author: Arun Chandran,
More informationITS. Java WebService. ITS Data-Solutions Pvt Ltd BENEFITS OF ATTENDANCE:
Java WebService BENEFITS OF ATTENDANCE: PREREQUISITES: Upon completion of this course, students will be able to: Describe the interoperable web services architecture, including the roles of SOAP and WSDL.
More informationJVA-561. Developing SOAP Web Services in Java
JVA-561. Developing SOAP Web Services in Java Version 2.2 A comprehensive look at the state of the art in developing interoperable web services on the Java EE 6 platform. Students learn the key standards
More informationThe Study on Mobile Phone-oriented Application Integration Technology of Web Services 1
The Study on Mobile Phone-oriented Application Integration Technology of Web Services 1 Li Luqun 1, 2 Li Minglu 1 Cui Xianguo 2 1. Department of Computer Science of Shanghai Jiaotong University, 1954 Huashan
More information1 Mobile Data Mining on Small
1 Mobile Data Mining on Small Devices Through Web Services Domenico Talia and Paolo Trunfio DEIS, University of Calabria Via Pietro Bucci 41C 87036 Rende (CS), Italy 1.1 INTRODUCTION Analysis of data is
More informationA standards-based approach to application integration
A standards-based approach to application integration An introduction to IBM s WebSphere ESB product Jim MacNair Senior Consulting IT Specialist Macnair@us.ibm.com Copyright IBM Corporation 2005. All rights
More informationJava Web Services Training
Java Web Services Training Duration: 5 days Class Overview A comprehensive look at the state of the art in developing interoperable web services on the Java EE 6 platform. Students learn the key standards
More informationCHAPTER 7 RESULT ANALYSIS AND STATISTICS. 7.1 Introduction to manual Vs automated testing
CHAPTER 7 RESULT ANALYSIS AND STATISTICS 7.1 Introduction to manual Vs automated testing Testing is considered to be the most crucial part of the software development life cycle. It is very important because
More informationResearch on the Model of Enterprise Application Integration with Web Services
Research on the Model of Enterprise Integration with Web Services XIN JIN School of Information, Central University of Finance& Economics, Beijing, 100081 China Abstract: - In order to improve business
More informationService-Oriented Architectures
Architectures Computing & 2009-11-06 Architectures Computing & SERVICE-ORIENTED COMPUTING (SOC) A new computing paradigm revolving around the concept of software as a service Assumes that entire systems
More information000-371. Web Services Development for IBM WebSphere Application Server V7.0. Version: Demo. Page <<1/10>>
000-371 Web Services Development for IBM WebSphere Application Server V7.0 Version: Demo Page 1. Which of the following business scenarios is the LEAST appropriate for Web services? A. Expanding
More informationMotivation Definitions EAI Architectures Elements Integration Technologies. Part I. EAI: Foundations, Concepts, and Architectures
Part I EAI: Foundations, Concepts, and Architectures 5 Example: Mail-order Company Mail order Company IS Invoicing Windows, standard software IS Order Processing Linux, C++, Oracle IS Accounts Receivable
More informationMiddleware and the Internet. Example: Shopping Service. What could be possible? Service Oriented Architecture
Middleware and the Internet Example: Shopping Middleware today Designed for special purposes (e.g. DCOM) or with overloaded specification (e.g. CORBA) Specifying own protocols integration in real world
More informationJava Security Web Services Security (Overview) Lecture 9
Java Security Web Services Security (Overview) Lecture 9 Java 2 Cryptography Java provides API + SPI for crypto functions Java Cryptography Architecture Security related core classes Access control and
More informationVirtual Credit Card Processing System
The ITB Journal Volume 3 Issue 2 Article 2 2002 Virtual Credit Card Processing System Geraldine Gray Karen Church Tony Ayres Follow this and additional works at: http://arrow.dit.ie/itbj Part of the E-Commerce
More informationPrinciples and Foundations of Web Services: An Holistic View (Technologies, Business Drivers, Models, Architectures and Standards)
Principles and Foundations of Web Services: An Holistic View (Technologies, Business Drivers, Models, Architectures and Standards) Michael P. Papazoglou (INFOLAB/CRISM, Tilburg University, The Netherlands)
More informationGetting started with API testing
Technical white paper Getting started with API testing Test all layers of your composite applications, not just the GUI Table of contents Executive summary... 3 Introduction... 3 Who should read this document?...
More informationExtreme Java G22.3033-006. Session 3 Main Theme Java Core Technologies (Part I) Dr. Jean-Claude Franchitti
Extreme Java G22.3033-006 Session 3 Main Theme Java Core Technologies (Part I) Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical Sciences Agenda
More information1 What Are Web Services?
Oracle Fusion Middleware Introducing Web Services 11g Release 1 (11.1.1.6) E14294-06 November 2011 This document provides an overview of Web services in Oracle Fusion Middleware 11g. Sections include:
More informationIntroduction to Oracle WebLogic. Presented by: Fatna Belqasmi, PhD, Researcher at Ericsson
Introduction to Oracle WebLogic Presented by: Fatna Belqasmi, PhD, Researcher at Ericsson Agenda Overview Download and installation A concrete scenario using the real product Hints for the project Overview
More informationIntroduction into Web Services (WS)
(WS) Adomas Svirskas Agenda Background and the need for WS SOAP the first Internet-ready RPC Basic Web Services Advanced Web Services Case Studies The ebxml framework How do I use/develop Web Services?
More informationDigital Signature Web Service Interface
1 2 Digital Signature Web Service Interface 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 1 Introduction This document describes an RPC interface for a centralized
More informationNetBeans IDE Field Guide
NetBeans IDE Field Guide Copyright 2005 Sun Microsystems, Inc. All rights reserved. Table of Contents Extending J2EE Applications with Web Services...1 Consuming Existing Web Services...2 Implementing
More informationJavaPolis 2004 Middleware and Web Services Security
JavaPolis 2004 Middleware and Web Services Security Dr. Konstantin Beznosov Assistant Professor University of British Columbia Do you know what these mean? SOAP WSDL IIOP CSI v2 Overall Presentation Goal
More informationIBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide
IBM SPSS Collaboration and Deployment Services Version 6 Release 0 Single Sign-On Services Developer's Guide Note Before using this information and the product it supports, read the information in Notices
More informationSecure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact
Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Robert C. Broeckelmann Jr., Enterprise Middleware Architect Ryan Triplett, Middleware Security Architect Requirements
More informationLehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Middleware. Chapter 8: Middleware
Middleware 1 Middleware Lehrstuhl für Informatik 4 Middleware: Realisation of distributed accesses by suitable software infrastructure Hiding the complexity of the distributed system from the programmer
More informationIntroduction to Service Oriented Architectures (SOA)
Introduction to Service Oriented Architectures (SOA) Responsible Institutions: ETHZ (Concept) ETHZ (Overall) ETHZ (Revision) http://www.eu-orchestra.org - Version from: 26.10.2007 1 Content 1. Introduction
More informationCreating Web Services in NetBeans
Creating Web Services in NetBeans Fulvio Frati fulvio.frati@unimi.it Sesar Lab http://ra.crema.unimi.it 1 Outline Web Services Overview Creation of a Web Services Server Creation of different Web Services
More informationBuilding Web Services with XML Service Utility Library (XSUL)
Building Web Services with XML Service Utility Library (XSUL) Aleksander Slominski IU Extreme! Lab August 2005 Linked Environments for Atmospheric Discovery Outline Goals and Features Creating Web Services
More informationMiddleware and the Internet
Middleware and the Internet Middleware today Designed for special purposes (e.g. DCOM) or with overloaded specification (e.g. CORBA) Specifying own protocols integration in real world network? Non-performant
More informationXML Parsing and Web Services Seminar Enterprise Computing
Seminar Enterprise Computing Winter Term 2004/05 University of Applied Sciences, Aargau Faculty of Engineering and Technology Author: Siarhei Sirotkin Scientic Adviser: Prof. Dr. Dominik Gruntz Windisch,
More information1 What Are Web Services?
Oracle Fusion Middleware Introducing Web Services 11g Release 1 (11.1.1) E14294-04 January 2011 This document provides an overview of Web services in Oracle Fusion Middleware 11g. Sections include: What
More informationWeb services can convert your existing applications into web applications.
i About the Tutorial Web services are open standard (XML, SOAP, HTTP, etc.) based web applications that interact with other web applications for the purpose of exchanging data Web services can convert
More informationAuthor: Gennaro Frazzingaro Universidad Rey Juan Carlos campus de Mostòles (Madrid) GIA Grupo de Inteligencia Artificial
Simple Implementation of a WebService using Eclipse Author: Gennaro Frazzingaro Universidad Rey Juan Carlos campus de Mostòles (Madrid) GIA Grupo de Inteligencia Artificial Contents Web Services introduction
More informationMobile and Dynamic Web Services
Mobile and Dynamic Web Services Elena Sánchez-Nielsen, Sandra Martín-Ruiz, Jorge Rodríguez-Pedrianes Dpto. E.I.O. y Computación Escuela Técnica Superior de Ingeniería Informática Universidad de La Laguna,
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationContents. Client-server and multi-tier architectures. The Java 2 Enterprise Edition (J2EE) platform
Part III: Component Architectures Natividad Martínez Madrid y Simon Pickin Departamento de Ingeniería Telemática Universidad Carlos III de Madrid {nati, spickin}@it.uc3m.es Introduction Contents Client-server
More informationJBoss SOAP Web Services User Guide. Version: 3.3.0.M5
JBoss SOAP Web Services User Guide Version: 3.3.0.M5 1. JBoss SOAP Web Services Runtime and Tools support Overview... 1 1.1. Key Features of JBossWS... 1 2. Creating a Simple Web Service... 3 2.1. Generation...
More informationGrid Computing. Web Services. Explanation (2) Explanation. Grid Computing Fall 2006 Paul A. Farrell 9/12/2006
Grid Computing Web s Fall 2006 The Grid: Core Technologies Maozhen Li, Mark Baker John Wiley & Sons; 2005, ISBN 0-470-09417-6 Web s Based on Oriented Architecture (SOA) Clients : requestors Servers : s
More informationJAVA API FOR XML WEB SERVICES INTRODUCTION TO JAX-WS, THE JAVA API FOR XML BASED WEB SERVICES (SOAP, WSDL)
JAX-WS JAX-WS - Java API for XML Web Services JAVA API FOR XML WEB SERVICES INTRODUCTION TO JAX-WS, THE JAVA API FOR XML BASED WEB SERVICES (SOAP, WSDL) Peter R. Egli INDIGOO.COM 1/20 Contents 1. What
More informationWeb Services Advanced Topics
Web Services Advanced Topics Where things are now and where they are going Version 9 Web Services Advanced Topics WSAdvanced-2 Enterprise Web Services Industry trends and organizations Security and Reliability
More informationModule 13 Implementing Java EE Web Services with JAX-WS
Module 13 Implementing Java EE Web Services with JAX-WS Objectives Describe endpoints supported by Java EE 5 Describe the requirements of the JAX-WS servlet endpoints Describe the requirements of JAX-WS
More informationPROGRESS Portal Access Whitepaper
PROGRESS Portal Access Whitepaper Maciej Bogdanski, Michał Kosiedowski, Cezary Mazurek, Marzena Rabiega, Malgorzata Wolniewicz Poznan Supercomputing and Networking Center April 15, 2004 1 Introduction
More informationService Virtualization: Managing Change in a Service-Oriented Architecture
Service Virtualization: Managing Change in a Service-Oriented Architecture Abstract Load balancers, name servers (for example, Domain Name System [DNS]), and stock brokerage services are examples of virtual
More informationOracle EXAM - 1Z0-897. Java EE 6 Web Services Developer Certified Expert Exam. Buy Full Product. http://www.examskey.com/1z0-897.
Oracle EXAM - 1Z0-897 Java EE 6 Web Services Developer Certified Expert Exam Buy Full Product http://www.examskey.com/1z0-897.html Examskey Oracle 1Z0-897 exam demo product is here for you to test the
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationOVERCOMING CHANNEL BANDWIDTH CONSTRAINTS IN SECURE SIM APPLICATIONS
OVERCOMING CHANNEL BANDWIDTH CONSTRAINTS IN SECURE SIM APPLICATIONS John A. MacDonald 1, William Sirett 2 and Chris J. Mitchell 1 1 Information Security Group, Royal Holloway, University of London, Egham,
More informationOracle Application Server 10g Web Services Frequently Asked Questions Oct, 2006
Oracle Application Server 10g Web Services Frequently Asked Questions Oct, 2006 This FAQ addresses frequently asked questions relating to Oracle Application Server 10g Release 3 (10.1.3.1) Web Services
More informatione-gov Architecture Service Interface Guidelines
1 Introduction... 4 2 Mandatory Standards... 5 2.1 WSDL... 5 2.1.1 Service Definition Layer... 5 2.1.2 Binding Layer... 6 2.2 SOAP... 7 2.3 UDDI... 8 2.3.1 Different types of UDDI registries... 8 2.3.2
More informationMutual Fund Web Service Developer Guide
Mutual Fund Web Service Developer Guide Version 1.0 1 Table of Contents 1 Introduction 3 1.1 Summary 3 1.2 Audience 3 1.3 Terminology 3 1.4 What Kind of a Partner Site Am I? 3 1.4.1 Affiliate site 3 1.4.2
More informationEntrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.
Entrust Managed Services PKI Getting an end-user Entrust certificate using Entrust Authority Administration Services Document issue: 2.0 Date of issue: June 2009 Revision information Table 1: Revisions
More informationThe presentation explains how to create and access the web services using the user interface. WebServices.ppt. Page 1 of 14
The presentation explains how to create and access the web services using the user interface. Page 1 of 14 The aim of this presentation is to familiarize you with the processes of creating and accessing
More informationWeb Services Development In a Java Environment
Web Services Development In a Java Environment SWE 642, Spring 2008 Nick Duan April 16, 2008 1 Overview Services Process Architecture XML-based info processing model Extending the Java EE Platform Interface-driven
More informationConcept, implementation and performance testing of a mobile Web Service provider for Smart Phones
Ome Srirama Chair of Information Systems LuFG Cooperation Systems Aachen University of Technology Prof. Dr. Wolfgang Prinz Master Thesis Concept, implementation and performance testing of a mobile Web
More informationMiddleware Lou Somers
Middleware Lou Somers April 18, 2002 1 Contents Overview Definition, goals, requirements Four categories of middleware Transactional, message oriented, procedural, object Middleware examples XML-RPC, SOAP,
More informationIntroduction to Sun ONE Application Server 7
Introduction to Sun ONE Application Server 7 The Sun ONE Application Server 7 provides a high-performance J2EE platform suitable for broad deployment of application services and web services. It offers
More informationArchitectural Overview
Architectural Overview Version 7 Part Number 817-2167-10 March 2003 A Sun ONE Application Server 7 deployment consists of a number of application server instances, an administrative server and, optionally,
More informationOutline SOA. Properties of SOA. Service 2/19/2016. Definitions. Comparison of component technologies. Definitions Component technologies
Szolgáltatásorientált rendszerintegráció Comparison of component technologies Simon Balázs, BME IIT Outline Definitions Component technologies RPC, RMI, CORBA, COM+,.NET, Java, OSGi, EJB, SOAP web services,
More informationChapter 2: Remote Procedure Call (RPC)
Chapter 2: Remote Procedure Call (RPC) Gustavo Alonso Computer Science Department Swiss Federal Institute of Technology (ETHZ) alonso@inf.ethz.ch http://www.iks.inf.ethz.ch/ Contents - Chapter 2 - RPC
More informationA Signing Proxy for Web Services Security. Dr. Ingo Melzer RIC/ED
A Signing Proxy for Web Services Security Dr. Ingo Melzer RIC/ED What is a Web Service? Infrastructure Web Service I. Melzer -- A Signing Proxy for Web Services Security 2 What is a Web Service? basic
More informationHow to Build an E-Commerce Application using J2EE. Carol McDonald Code Camp Engineer
How to Build an E-Commerce Application using J2EE Carol McDonald Code Camp Engineer Code Camp Agenda J2EE & Blueprints Application Architecture and J2EE Blueprints E-Commerce Application Design Enterprise
More informationAquaLogic Service Bus
AquaLogic Bus Wolfgang Weigend Principal Systems Engineer BEA Systems 1 What to consider when looking at ESB? Number of planned business access points Reuse across organization Reduced cost of ownership
More informationService Computing: Basics Monica Scannapieco
Service Computing: Basics Monica Scannapieco Generalities: Defining a Service Services are self-describing, open components that support rapid, low-cost composition of distributed applications. Since services
More informationWhat is Middleware? Software that functions as a conversion or translation layer. It is also a consolidator and integrator.
What is Middleware? Application Application Middleware Middleware Operating System Operating System Software that functions as a conversion or translation layer. It is also a consolidator and integrator.
More informationOsEra Enterprise Service Bus
OsEra Enterprise Service Bus OsEra Enterprise Service Bus... 1 Principles... 2 Characteristics of the OsEra Enterprise Service Bus... 4 Overall Architecture... 5 Mapping of OsEra Architectures to the ESB...
More informationJava ME & NetBeans Mobility. Petr Suchomel Architect, NetBeans Mobility Sun Microsystems
Java ME & NetBeans Mobility Petr Suchomel Architect, NetBeans Mobility Sun Microsystems Agenda Java ME introduction Java ME applications NetBeans Mobility Edition Power of advanced features Demos, demos,
More informationIntegration of Embedded Devices Through Web Services: Requirements, Challenges and Early Results
Integration of Embedded Devices Through Web Services: Requirements, Challenges and Early Results Guilherme Bertoni Machado Frank Siqueira Federal University of Santa Catarina Florianópolis, Brazil {bertoni,frank}@inf.ufsc.br
More informationWeb Service Testing. SOAP-based Web Services. Software Quality Assurance Telerik Software Academy http://academy.telerik.com
Web Service Testing SOAP-based Web Services Software Quality Assurance Telerik Software Academy http://academy.telerik.com The Lectors Snejina Lazarova Product Manager Talent Management System Dimo Mitev
More informationGT 6.0 GSI C Security: Key Concepts
GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the
More informationIntegration of Hotel Property Management Systems (HPMS) with Global Internet Reservation Systems
Integration of Hotel Property Management Systems (HPMS) with Global Internet Reservation Systems If company want to be competitive on global market nowadays, it have to be persistent on Internet. If we
More informationYour Mobile Phone as a Ticket (NFC)
Your Mobile Phone as a Ticket (NFC) Francisco Maria van Uden Chaves IST - Technical University of Lisbon Av. Prof. Cavaco Silva Tagus Park 2780-990 Porto Salvo, Portugal francisco.chaves@ist.utl.pt Abstract.
More informationDeveloping Google Android Mobile Clients for Web Services: a Case Study
tesi di laurea Developing Google Android Mobile Clients for Web Services: a Case Study Anno Accademico 2007/2008 relatore Ch.mo prof. Stefano Russo correlatore Ing. Marcello Cinque candidato Vito Daniele
More informationRedbooks Paper. WebSphere Application Server V5 Architecture. Carla Sadtler
Redbooks Paper Carla Sadtler WebSphere Application Server V5 Architecture WebSphere Application Server is IBM 's implementation of the J2EE (Java 2 Enterprise Edition) platform, conforming to V1.3 of the
More informationData Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
More informationIncreasing IT flexibility with IBM WebSphere ESB software.
ESB solutions White paper Increasing IT flexibility with IBM WebSphere ESB software. By Beth Hutchison, Katie Johnson and Marc-Thomas Schmidt, IBM Software Group December 2005 Page 2 Contents 2 Introduction
More informationSoftware Design Document Securing Web Service with Proxy
Software Design Document Securing Web Service with Proxy Federated Access Manager 8.0 Version 0.3 Please send comments to: dev@opensso.dev.java.net This document is subject to the following license: COMMON
More informationWeb Hosting. Comprehensive, scalable solutions for hosting dynamic websites, secure web services, and enterprise applications.
Web Hosting Comprehensive, scalable solutions for hosting dynamic websites, secure web services, and enterprise applications. Features High-performance Apache web server Apache 1.3 and 2.0 1 with HTTP
More informationcipher: the algorithm or function used for encryption and decryption
! "# $ %& %'()! *,+ & -.! % %- / 0-1 2+ 34 576!! 8 9! ": ;
More informationHow To Develop A Web Service In A Microsoft J2Ee (Java) 2.5 (Oracle) 2-Year Old (Orcient) 2Dj (Oracles) 2E (Orca) 2Gj (J
Tool Support for Developing Scalable J2EE Web Service Architectures Guus Ramackers Application Development Tools Oracle Corporation guus.ramackers@oracle.com www.oracle.com Using All This in Real Life
More informationPresented By: Muhammad Afzal 08May, 2009
Secure Web ServiceTransportation for HL7 V3.0 Messages Authors: Somia Razzaq, Maqbool Hussain, Muhammad Afzal, Hafiz Farooq Ahmad Presented By: Muhammad Afzal 08May, 2009 NUST School of Electrical Engineering
More informationWeb services payment systems. Master Thesis Technical University of Denmark
Master Thesis Technical University of Denmark Submitted by Mike Andreasen 31.12.2003 Contents Preface... 5 Introduction... 6 State of the art... 7 Distributed computing evolution... 7 Introduction to XML...
More informationPaper VI: Secure Networked J2ME Applications: Problems and Challenges
Paper VI: Secure Networked J2ME Applications: Problems and Challenges Secure Networked J2ME Applications: Problems and Challenges André N. Klingsheim, Vebjørn Moen, and Kjell J. Hole Abstract An increasing
More informationContents at a Glance. 1 Introduction 17. 2 Basic Principles of IT Security 23. 3 Authentication and Authorization in
at a Glance 1 Introduction 17 2 Basic Principles of IT Security 23 3 Authentication and Authorization in SAP NetWeaver Application Server Java 53 4 Single Sign-On 151 5 Identity Provisioning 289 6 Secure
More informationWeb Services Implementation: The Beta Phase of EPA Network Nodes
Web Services Implementation: The Beta Phase of EPA Network Nodes Connie Dwyer and Chris Clark U.S. Environmental Protection Agency, 1200 Pennsylvania Avenue, N. W., Washington, D.C. dwyer.connie@epa.gov
More informationWhat is a Web service?
What is a Web service? Many people and companies have debated the exact definition of Web services. At a minimum, however, a Web service is any piece of software that makes itself available over the Internet
More information000-575. IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>>
000-575 IBM Tivoli Federated Identity Manager V6.2.2 Implementation Version: Demo Page 1.What is the default file name of the IBM Tivoli Directory Integrator log? A. tdi.log B. ibmdi.log C. ibmdisrv.log
More informationMobile Devices and Web Services
7th WSEAS International Conference on APPLIED COMPUTER SCIENCE, Venice, Italy, November 21-23, 2007 322 Mobile Devices and Web Services TOMAS KOZEL, ANTONIN SLABY Univerzity of Hradec Kralove Department
More informationBuilding Web Services with Apache Axis2
2009 Marty Hall Building Web Services with Apache Axis2 Part I: Java-First (Bottom-Up) Services Customized Java EE Training: http://courses.coreservlets.com/ Servlets, JSP, Struts, JSF/MyFaces/Facelets,
More informationStock Trader System. Architecture Description
Stock Trader System Architecture Description Michael Stevens mike@mestevens.com http://www.mestevens.com Table of Contents 1. Purpose of Document 2 2. System Synopsis 2 3. Current Situation and Environment
More informationRMI Client Application Programming Interface
RMI Client Application Programming Interface Java Card 2.2 Java 2 Platform, Micro Edition Sun Microsystems, Inc. 901 San Antonio Road Palo Alto, CA 94303 U.S.A. 650-960-1300 June, 2002 Copyright 2002 Sun
More informationT-110.5140 Network Application Frameworks and XML Web Services and WSDL 15.2.2010 Tancred Lindholm
T-110.5140 Network Application Frameworks and XML Web Services and WSDL 15.2.2010 Tancred Lindholm Based on slides by Sasu Tarkoma and Pekka Nikander 1 of 20 Contents Short review of XML & related specs
More informationWS4D: SOA-Toolkits making embedded systems ready for Web Services
WS4D: SOA-Toolkits making embedded systems ready for Web Services Elmar Zeeb 1, Andreas Bobek 1, Hendrik Bohn 1, Steffen Prüter 1, Andre Pohl 2, Heiko Krumm 2, Ingo Lück 3, Frank Golatowski 1, and Dirk
More information