Security aspects for web service based applications in financial applications
|Title||Security aspects for web service based applications in financial applications|
In this paper we first investigate the different security requirements for Web Service applications. These requirements can be separated into different security layers. We describe the purpose and the requirements for the different layers. Additionally, for each layer, different security technologies are proposed and investigated. We describe how these technologies fit into a Web Service based application architecture. In the second part, we describe a security architecture we implemented with already existing security technologies. Advantages and drawbacks of the implemented solution are presented. The security layers were implemented for a Web Service prototype application that was developed in an industrial research project, together with a large Austrian financial software provider. The prototype application was targeted to address issues of a financial application based on Web Services.