Abstract—This research proposes a new secure token profile for improving the existing Web Services security standards. It provides a new authentication mechanism. This additional level of security is important for the Service- Oriented Architecture (SOA), which is an architectural style that uses a set of principles and design rules to shape interacting applications and maintain interoperability. Web Services is one of the technologies to implement SOA and it can be implemented using Simple Object Access Protocol (SOAP). A SOAP-based Web Service relies on XML for its message format and common application layer protocols for message negotiation and transmission. However, it is a security challenge when a message is transmitted over the network, especially on the Internet. The Organization for Advancement of Structured Information Standards (OASIS) announced a set of Web Services Security standards that focus on two major areas. “Who” can use the Web Service and “What” are the permissions. However, the location or domain of the message sender is not authenticated. Therefore, a new secure token profile is proposed for enhancing existing Web Service security standards and illustrates its performance advantage over existing WSSecurity standards.

Index Terms—Web Services Security standard; OASIS Standard 1.1; Service Oriented Architecture; SOAP

Cite: Chi Po Cheong, Chris Chatwin, and Rupert Young, "Enhanced and Sustainable WS-Security Using the Participant Doman Name Token," Journal of Emerging Technologies in Web Intelligence, Vol. 6, No. 3, pp. 305-317, August 2014. doi:10.4304/jetwi.6.3.305-317