Secure web services using two-way authentication and three-party key establishment for service delivery

Han, Song; Dillon, Tharam S.; Chang, Elizabeth; Tian, Biming

doi:10.1016/j.sysarc.2009.01.004

134912_134912.pdf (285.0Kb)

Access Status

Open access

Authors

Han, Song

Dillon, Tharam S.

Chang, Elizabeth

Tian, Biming

Date

2009

Type

Journal Article

Metadata

Show full item record

Citation

Han, Song and Dillon, Tharam S. and Chang, Elizabeth and Tian, Biming. 2009. Secure web services using two-way authentication and three-party key establishment for service delivery. Journal of Systems Architecture. 55 (4): pp. 233-242.

Source Title

Journal of Systems Architecture

DOI

10.1016/j.sysarc.2009.01.004

ISSN

1383-7621

Faculty

Curtin Business School

The Digital Ecosystems and Business Intelligence Institute (DEBII)

School

Digital Ecosystems and Business Intelligence Institute (DEBII)

Remarks

URI

http://hdl.handle.net/20.500.11937/22212

Collection

Curtin Research Publications

Abstract

With the advance of web technologies, a large quantity of transactions have been processed through web services. Service Provider needs encryption via public communication channel in order that web services can be delivered to Service Requester. Such encryptions can be realized using secure session keys. Traditional approaches which can enable such transactions are based on peer-to-peer architecture or hierarchical group architecture. The former method resides on two-party communications while the latter resides on hierarchical group communications. In this paper, we will use three-party key establishment to enable secure communications for Service Requester and Service Provider. The proposed protocol supports Service Requester, Service Broker, and Service Provider with a shared secret key established among them. Compared with peer-to-peer architecture and hierarchical group architecture, our method aims at reducing communication and computation overheads.