Several companies and individuals are increasingly dependent on the electronic means to provide and consume services. A single service may not fulfil the requirement of a service consumer and hence, composition of web services which together satisfy the requirements is essential. In service provisioning, security attacks such as message alteration attack may happen at the service level or at the composition level. It is required to ensure secure data flow without information leaking through covert channels. Most of the existing works on web services security provide solutions for ensuring only confidentiality, client authorization, and integrity of information. Hence, it is proposed to design pluggable APIs that protect SOAP messages, from service based threats while accessing a service and during service composition. These APIs are generic in nature and can be installed on the server where the services are deployed. A generic API that protects the SOAP messages from message alteration attacks is proposed in this paper.

1. Erl, T. , Service-Oriented Architecture Concept, Technology, and Design, Pearson Education, 2006.
2. Singhal, A. , Winograd, T. , Scarfone, K. , Guide to Secure Web Services, Tech report of National Institute of Standards and Technology, Special Publication 800?95, U. S. Department of Commerce, MD, 2007.
3. Abdelkader, H. , David, S. , and Miriam, A. M. , Security Protocols in Service-Oriented Architecture, IEEE 6th World Congress on Services, pp. 185?186, 2010.
4. Yue, H. , Tao, X. , Web Services Security Problem in Service-oriented Architecture, 2012 International Conference on Applied Physics and Industrial Engineering, Physics Procedia, vol. 24, pp. 1635 ? 1641, 2012.
5. Rajaram, K. , Babu, C. , Template based SOA framework for dynamic and adaptive composition of Web Services, International Conference on Networking and Information Technology, pp. 49-53, 2010.
6. Han, J. , Kowalczyk, R. , Khan, K. M. , Security-Oriented Service Composition and Evolution, XIII Asia paci?c software engineering conference (APSEC'06), pp. 71-78, 2006.
7. Netbeans tutorial for web service interoperability technologies. http://netbeans. org/kb/docs/websvc/wsit. html.
8. Menzel, M. , Meinel, C. , SecureSOA ? Modelling Security Requirements for Service-oriented Architectures, IEEE International Conference on Services Computing, pp. 146 ? 153, 2010.
9. Monson, R. , The Ultimate Guide J2EE Web Services, Pearson Education, 2011.
10. XML Encryption Syntax and Processing, http://www. w3. org/TR/xmlenc-core/

Maa Api Soap Web Service Attacks Web Services Xml Encryption