Q

What's the hottest Web services security topic?

I have been reading your answers about Web service security. I am preparing a Ph.D paper and decided the topic as "Web service security". I hope you could recommend the specific topic about Web service security and related materials. What do you think what the hottest Web service security topic is? And what topic is best as a Ph.D paper?
Web service security in general is a "hot topic." There are a number of very interesting and relative sub-topics related to Web services security. In my opinion four important topics, each of which would be worthy of a PhD dissertation, would be:
  • Federation – Authentication at the initiating client and authorization at the Web services server. The basic problem here is establishing trust.
  • Privacy – Authentication without revealing the identity of the client. Take a look at this URL, which describes a joint project of Internet2 and IBM that tackles this problem.
  • Security Administration – While there are systems that handle identity management, that is only a portion of Web services security administration needs. Other areas that require an administration model are Authorization, Attributes and Policy between disparate companies.
  • Access Control – There has been some very good work in access control, but there are still some interesting problems in this area, especially as we move to Web services security. Take a look at the XACML specification at this URL for some of the recent work on access control in Web services.
Let me know what area that you choose.
This was first published in August 2003

Dig deeper on SOA security strategy

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSoftwareQuality

SearchCloudApplications

SearchAWS

TheServerSide

SearchWinDevelopment

Close