KTH-SEECS Applied Information Security Lab

National University of Sciences and Technology (NUST)

Web Services Security

WS-Security (Web Services Security) is a communications protocol providing a means for applying security to Web Services. Many software vendors have joined in Web Services initiatives, such as standardization in W3C and OASIS. Simultaneously, they have released Web Services functions in their products. With Web Services, applications can be coupled loosely, that is, in a decentralized manner and are expected to influence business processes and accelerate business transformations. However, with the development and universal application of SOA technology, security issues of Web Services, based on heterogeneous platforms, have become increasingly prominent. Web Services technology does not yet provide the extensibility needed to tailor a Web Service according to the preferences of the requesting clients, thus failing to fulfill the mass customization. Our research focuses on investigating issues emerging in Web Services security for heterogeneous platform such as Cloud Computing and providing extensibility feature needed to customize Web Services as per the client's request.

Active researchers in this field are following: