Critical Evaluation of Web Service Security on Global Business Transactions

ChanYi-Tung Chan graduated from the University of East London in UK with a degree in MSc Technology Management. Recently, he has passed his MPhil viva at WIT with a thesis entitled “Critical Evaluation of Web Service Security on Global Business Transactions”. His external examiner was Dr Maaruf Ali from Oxford Brookes University, UK and the internal examiner was Prof Alex Galybin.

The on-line service is a convenient tool but security issues are a major concern. The purpose of this work was to investigate the security of the Web Service in the transaction of global business and the current defence methods. Although many organizations and vendors have started to develop and define WS-Security Specification for the Web Service, WS-Security Specification cannot completely solve the security problem for the Web Service. The reason for this is that the Web Service technology inherits existing web technology and current communication protocol like TCP/IP. However, the problem of communication protocol is very difficult to solve. Many defence mechanisms can reduce the security threat but they cannot totally solve the security problem. In addition, on-line transactions are sensitive, vulnerable, critical, confidential, and valuable. Because of these features, a lot of Hackers and Crackers are interested in attacking websites to obtain valuable information. Therefore, this research project investigated current defence mechanisms and proposed a framework to reduce the security problem for the Web Service.