The document proposes an agent-based architecture for secure web service discovery. It evaluates using agents to negotiate a mutually acceptable security policy between a service consumer and provider based on their security requirements. The architecture includes a discovery agent that finds services matching a consumer's criteria. A security agent describes the provider's security needs. The process involves the consumer and provider combining their security policies and the discovery agent returning matched services. The document evaluates the architecture using the ATAM method, identifying quality attributes, risks, and tradeoffs.

1. ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010
Secure Architecture Evaluation for Agent Based
Web Service Discovery
V. Prasath1, R.Baskarane2 and P.Savaridassan3
1,2
Department of CSE, AssistantProfessor,1,2Christ College of Engineering and Technology,Puducherry,India.
2
Email: 1prasathvijayan@gmail.com, 2baskarannew@gmail.com
3
Department of IT, 3Dr.SJS Pauls College of Engineering and Technology,Puducherry,India.
Email: 3savari.pecit@gmail.com
Abstract—Web Services can be published, discovered and service provider and a service consumer. The WSDL
invoked over the web. Web Services can be implemented in document of a web service would include a security policy
any available technology but they are accessible through a description representing the types of security operations
standard protocol. With web services being accepted and that are required and supported by the Web-service for its
deployed in both research and industrial areas, the security
related issues become important. In this paper, architecture
SOAP message exchanges with consumers.
evaluated for web service on negotiating a mutually
acceptable security policy based on web service description II. SYSTEM OVERVIEW
language to both consumer and provider [1]. It allows a
service consumer to discover and retrieve a service-provider’s A. Service Discovery
security policy for service requests and allows a service
Web service discovery can be performed based on a
consumer to send its own security policy for service responses
to the service provider. The service consumer combines its web service security policy using agents. It consists of a
own policy for service requests with that of the service service provider, a service consumer and a UDDI to
provider to obtain the applied security policy for requests, include a discovery agent and security agent and use an
which specifies the set of security operations that the augmented UDDI that contains security policy information
consumer must perform on the request. The combining takes to allow secure web service discovery (as shown in
place in such a way that the applied security policy is Figure1). The discovery agent acts as a broker between a
consistent with both the consumer’s and provider’s security service consumer, a UDDI registry and a security policy
policies. The service provider also combines its own policy for that helps to discover secure web services that satisfy the
responses with that of the consumer, to obtain the applied
consumer security requirements.
security policy for responses.
B. Security Agent
Index Terms—Web Service discovery, Security Service,
Security policy, Agent, ATAM, Web Services Security
The security agent describes the security requirement
that service provider needs to be registering their WSDL
I. INTRODUCTION into the registry. Web service security test case describe a
testing methodology for web service security and outline a
Web services are reusable Web components with their process that can be adopted to evaluate web service
programmatic interfaces described in WSDL.WSDL is a security requirements [8]. Test case can be classified
XML format standard for describing the interface of a web according to different categories of threat faced by web
service. The WSDL description gives information about services. Security policy can be represented in the UDDI
what exactly a web service does, how to invoke its registry which is typically used to specify the security
functions and where to find it. Universal Description, policy details of a web service.
Discovery, and Integration (UDDI) is a registry standard,
which allows organizations to publish and discover Web C. Discovery Agent
Services using standardised methods [4]. The UDDI is an A discovery agent receives service requests containing
industry initiative to provide a platform-independent specifications for functional and security requirements
framework for creating a UDDI Business Registry. There from the service consumer, finds the services that meet the
are currently several providers of UDDI registers called
UDDI Operators. The UDDI specification defines a set of
data structures and an Application Programming Interface
(API) for registering and finding businesses [5]. The UDDI
specification also allows organizations to create their own
UDDI registries in order to have more control for the
access and the updating of information, and the reliability
of the registry content. We concentrate here on one key
issue, providing security in Web services architecture. In
this paper, we evaluated a technique for deriving mutually
acceptable quality of protection for exchanges between a Figure 1. Web service discovery using agents
1
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43

2. ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010
specified criteria, and then returns a list of services to the IV. EVALUATION OF PROPOSED ARCHITECTURE
consumer in the order of priority. Discovery should be
The proposed architecture is evaluated by the Software
based on web service security polices for concerned
Architecture Tradeoff Analysis Method (ATAM).All the
request. The list of available services will be return to the
scenarios corresponding to each application of the secure
service consumer in order. This avoids the overhead of
web service discovery and retrieval are listed and
discovery mechanism to search secure web services over
evaluated.
UDDI registry for consumers needs.
A. ATAM: Secure Web Service Discovery
III. PROCESS MODEL We put ATAM to the test on our architecture and discuss
The model works with the exception that the containers the findings based on the outputs generated which include
hosting the consumer and provider classes emit a SOAP lists of risks, non-risks, sensitivities, and tradeoffs made.
message, which is intercepted by the security service. The The findings show that secure web service discovery and
consumer and provider classes could provide the <Security retrieval architecture can greatly benefit from using ATAM
Mechanisms> and <Security Services> elements to their by revealing its strengths and weaknesses before evolving
security services, in a WSS header, with the security the architecture further. It generates a number of outputs
service module identified as the target role. WSDL binding such as: a prioritised list of quality attributes, a list of
to support the publication of the security policy in the case architectural decisions made, a map linking architectural
that a provider offers a secured interface. Specifically, decisions to quality attributes, lists of risks and non-risks,
elements called <Security Mechanisms> and <Security and lists of sensitivities and tradeoffs.
Services> are associated with message definitions in the B. ATAM Process Phase 1
service’s WSDL instance. In addition, we specify a web
Step 1 - Presenting the ATAM Process
service security header for conveying the consumer’s
policy for service responses using the same element ATAM stands for Architecture Tradeoff Analysis
definitions. The <Security Mechanisms> element describes Method. It is a method that tells how well an architecture
a set of security mechanism, which may be applied to one satisfies particular goals by providing insight of how
or more nodes of the SOAP document [1]. quality goals interact and how they trade off.
Step 2 - Present Business Drivers
•Due to the increase of business-to-business
communication between different organizations over
internet resources, the current architecture will provide
secure service connection establishment between service
consumer and provider with added security policy.
•Suggest the service provider to accept the service
consumer requirements to add new security features to
perform secure tasks.
Architecture Drivers
The major quality attribute are as below
Prio- Quality Attribute Rationale
Figure 2. Model for web service security policy
rity Driver
Input: User request with specified security criteria
1 Security It is a major concern to this area of
Output: Secure match set of services from UDDI
the architecture because it should
u(h): Select all the services which matches the functionality
support authentication, encryption
requirements of user request that exists in UDDI.
and integrity over different
Let u(h)={ws1,ws2…..wsn}wss (h):
communication channel and
Choose the set of services which have been registered in UDDI with
platform model.
security specifications.
Let wss(h)={ws1(s), ws2(s), ….wsi(s)}
3 Availability The service should be in need to run
Step 1 : For each web services wsi in u(h)
at any time even system failure
//find the services that match the QOS requirements occurs over UDDI registry or service
Step 2: QoS based Selection=Qos_Match (u(h) , QWS Parameters);
provider.
Step 3 : If wss(h) requirements specified then
Step4 :{Secuirty_Search=Security_Match 4 Performance Continues user request will affect the
(QoS_Search,wss(h) specified); system response. we will establish
Step5 : If wss(h) ratings found then the user connection based on token
//find the services that matches security criteria request.
Step6 : return output of available services in wssi in u (h) according
to criteria rank}
Step7 :{Else return the output of available services wsi in u (h)}
Step 3 - Presenting architecture
Figure 3. Service discovery algorithm
2
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43

3. ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010
Scenario#: 2 Scenario: Authentication
Attribute(s) Security
Environment Normal operations
Stimulus Service ticket has way to establish trust relationship
with more than one security domain
Response utility certificate are required to verify the user
authorization
Arch decision Reasoning
Sensitivity Utility certificate
Tradeoff More computation time and resource used,
Performance, but not too much.
Risk Provide certificate to user in more secret
Non risk Not apply here.
Step 4 - Identify Architecture Approaches
Important Approaches of the Secure Web Service Discovery Scenario#: 3 Scenario: Confidentiality
and Retrieval
Attribute(s) Security
Environment Normal operations
Architectural Rationale Trade-offs
Approach Stimulus Certificate authority has to provide security token
to authenticate
Layering It organizes the system in Security
hierarchical structure that potentially Response Intermediary has no way to read the message while
allows for easy system reduced risk establishing connection with service provider
modification. Arch decision Reasoning
Sensitivity The encryption algorithm.
Step 5 - Quality Attribute Utility Tree Tradeoff More computation time and resource used.
I=Importance, D=Difficulty to achieve, H, M, L = high, medium, Performance is the tradeoff with Security.
low
Risk Not apply to architecture, but the Encryption
Quality Attribute Scenarios (I, D)
algorithm itself, if it is not complex enough, could
Attribute Refinement
be hacked by brute force.
Security Confidentiality Users' information (H,L)
shall only be visible Non risk Not apply here.
to users of the
system and it is
Scenario#: 4 Scenario: Non-reputation
encrypted before
Attribute(s) Security
transmitting to the
server. Environment Normal operations
Integrity The system resists (H,M) Stimulus Utility has key certificate to form signed message
unauthorized to verify the user
intrusion and Response utility key certificate are required to verify the
modification of data. user sign information
Authentication This enables the user (H,M) Arch decision Reasoning
to access the service Sensitivity Utility key certificate
with required token Tradeoff Need signed key information for operation
Non-reputation It verifies the signed (H,M) response
information from Risk Provide certificate to user in more secret
valid user Non risk Not apply here.
Step 6 - Architecture elicitation and analysis Step 7 - Scenario Prioritization
The following table prioritizes the Quality Scenarios for
Scenario#:1 Scenario: Integrity the secure web service discovery and retrieval architecture.
Attribute(s) Security The Scenario # refers to the scenario being referenced.
Environment Normal operations
Prio- Scenario Scenario Stimulus Prioritization
Stimulus Unauthorized user without security token
rity # Rationale
cannot able to access the service available in 1 3,2 Transmission of the data It support user
the registry (Security) over secure communication data from
Response Identity Certificate are required to verify the unauthorized
user authentication access
Arch decision Reasoning 4 1,3,4 User information shall only This is to build
Sensitivity Identity certificate (Security) be visible to administrative users confident
users of the system and it is on using the
Tradeoff Need resource to map data, Performance, but
encrypted before system.
not too much. transmission
Risk Provide certificate to user in more secret
Non risk Not apply here.
3
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43

4. ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010
V. CONCLUSIONS [3] Janette Hicks, Madhusudhan Govindaraju, Weiyi Meng,
“Enhancing Discovery of Web Services through Optimized
Universal Description Discovery and Integration has no Algorithms” IEEE International Conference on Granular
way to identify the secure web services when multiple Computing 2007 pp 685 - 698.
service providers are now providing similar functional [4] Colin Atkinson, Philipp Bostan, Oliver Hummel and Dietmar
Stoll, “A Practical Approach to Web Service Discovery and
services. An architecture evaluated called agent based web Retrieval”,IEEE International Conference on Web Services
service discovery to automate secure web service discovery (ICWS 2007).
for negotiating a mutually acceptable security policy based [5] Slim Trabelsi Jean-Christphe Pazzaglia Yves Roudier,
on web service description language for both consumer and “Secure Web Service discovery: overcoming challenges of
ubiquitous computing”, Proceedings of the European
provider in dynamic nature. Conference on Web Services (ECOWS'06).
[6] David Geer, “Taking Steps to Secure Web Services”,
REFERENCES Technology News October 2003.
[1] Zahid Ahmed, Martijn de Boer,, Monica Martin, Prateek [7] “Evaluating a software architecture and its process”, CS471b
Mishra, Dale Moberg, “Web-Services Security Quality of Software Design and Architecture,Group14NZB electronic
Protection”, Version 0.9 22 Nov 2002. banking system April 8, 2005.
[2] Kassem Saleh and Maryam Habil, “The Security [8] “A Web Services Security Testing Framework” Version:
Requirements Behavior Model for Trustworthy Software”, 1.00 SIFT Information security services,Nov 10, 2006.
International MCETECH Conference on e-Technologies
2008 pp 235 - 238.
4
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43