I have been reading your answers about Web service security. I am preparing a
Ph.D paper and decided the topic as "Web service security". I hope you could recommend the specific
topic about Web service security and related materials. What do you think what the hottest Web
service security topic is? And what topic is best as a Ph.D paper?
Requires Free Membership to View
Web service security in general is a "hot topic." There are a number of very interesting and
relative sub-topics related to Web services security. In my opinion four important topics, each of
which would be worthy of a PhD dissertation, would be:
- Federation – Authentication at the initiating client and authorization at the Web services server. The basic problem here is establishing trust.
- Privacy – Authentication without revealing the identity of the client. Take a look at this URL, which describes a joint project of Internet2 and IBM that tackles this problem.
- Security Administration – While there are systems that handle identity management, that is only a portion of Web services security administration needs. Other areas that require an administration model are Authorization, Attributes and Policy between disparate companies.
- Access Control – There has been some very good work in access control, but there are still some interesting problems in this area, especially as we move to Web services security. Take a look at the XACML specification at this URL for some of the recent work on access control in Web services.
This was first published in August 2003
Join the conversationComment
Share
Comments
Results
Contribute to the conversation