Security Web Services

Security of the Web Services the use of protocol HTTP as half of transport of more fragile messages SOAP becomes the Web Services in relation the security, in such a way, the challenge is to keep the efficiency of its functionalities and still to provide an surrounding insurance. (HARTMAN, 2003 apud HISSES and WEDGE, 2005, p.5). With the objective to become insurance the use of the Web Services and thus to guarantee its ample adoption, many proposals of security are being submitted the agencies as: Consortium World Wide Web (W3C), Organization will be the Advancement of Structured Information Standards (OASIS) and Web Services Interoperability Organization (WS-I). The proposals aim at to cover diverse areas of security and, in set with the specifications of security for the standard XML, these they allow to guarantee the main requirements of security. (MELLO, 2006, p.15). According to Wathier (2005, p.14), ' ' the implementation of security in Web services can be treated in different levels or layers that are: layer of net, layer of transport and layer of application, with the most varied standards for each camada' '.

Depending on the adopted model of security one or more requisite of security they are taken care of, amongst the main ones, Daum and Merten (2002, P. 238), they detach the following ones: ) Integrity: It means that the not-authorized modification of the data can be detected. The integrity can be guaranteed calculating syntheses of messages. b) Confidencialidade: A confidential document will not have to be read by not-authorized people. This can be guaranteed by the criptografia of the data. c) Authenticity: The authentication guarantees the origin of the data or the identity of the parts of the communication. The authentication of the origin of the data is gotten calculating digital signatures and codes of message authentication (MACS). These are message syntheses that only can be calculated and be verified with a private key.