Top Banner

Click here to load reader

Web Services Security and E-Business

Sep 04, 2014

ReportDownload

Documents

iWeb Ser vices Securit yand E-BusinessG. RadhamaniMultimedia University, MalaysiaG. S. V. Radha Krishna RaoMultimedia University, MalaysiaHershey London Melbourne SingaporeI DEA GROUP PUBLI SHI NGiiAcquisitions Editor: Michelle PotterDevelopment Editor: Kristin RothSenior Managing Editor: Jennifer NeidigManaging Editor: Sara ReedCopy Editor: Angela ThorTypesetter: Cindy ConsoneryCover Design: Lisa TosheffPrinted at: Integrated Book TechnologyPublished in the United States of America byIdea Group Publishing (an imprint of Idea Group Inc.)701 E. Chocolate AvenueHershey PA 17033Tel: 717-533-8845Fax: 717-533-8661E-mail: [email protected] site: http://www.idea-group.comand in the United Kingdom byIdea Group Publishing (an imprint of Idea Group Inc.)3 Henrietta StreetCovent GardenLondon WC2E 8LUTel: 44 20 7240 0856Fax: 44 20 7379 0609Web site: http://www.eurospanonline.comCopyright 2007 by Idea Group Inc. All rights reserved. No part of this book may be repro-duced, stored or distributed in any form or by any means, electronic or mechanical, includingphotocopying, without written permission from the publisher.Product or company names used in this book are for identification purposes only. Inclusion of thenames of the products or companies does not indicate a claim of ownership by IGI of thetrademark or registered trademark. Library of Congress Cataloging-in-Publication DataWeb services security and e-business / G. Radhamani and G.S.V. Radha Krishna Rao, editors. p. cm. Summary: "This book provides an insight into uncovering the security risks of dynamically created content and looks at how proper content management can greatly improve the overall security. It also looks at the security lifecycle and how to respond to an attack, as well as the problems of site hijacking and phishing"--Provided by publisher. Includes bibliographical references and index. ISBN 1-59904-168-5 -- ISBN 1-59904-169-3 (softcover) -- ISBN 1-59904-170-7 (ebook) 1. Computer networks--Security measures. 2. Web services. 3. Electronic commerce--Security measures. 4. Computer security. I. Radhamani, G., 1968- . II. Radha Krishna Rao, G.S.V., 1973- . TK5105.59.W434 2007 005.8--dc22 2006027712British Cataloguing in Publication DataA Cataloguing in Publication record for this book is available from the British Library.All work contributed to this book is new, previously-unpublished material. The views expressed inthis book are those of the authors, but not necessarily of the publisher. iiiDedicationto VenkatesaivWeb Ser vices Securit yand E-BusinessTable of Cont ent sForeword ...................................................................................................................... viiiS. S. Jamuar Universiti Putra Malaysia, MalaysiaPreface ........................................................................................................................... xChapter IWireless LAN Setup and Security Loopholes ............................................................... 1Biju Issac, Swinburne University of Technology, MalaysiaLawan A. Mohammed, Swinburne University of Technology, MalaysiaChapter IIWireless Web Security Using a Neural Network-Based Cipher ............................... 32Isaac Woungang, Ryerson University, CanadaAlireza Sadeghian, Ryerson University, CanadaShuwei Wu, Ryerson University, CanadaSudip Misra, Cornell University, USAMaryam Arvandi, Ryerson University, CanadaChapter IIIRFID Systems: Applications vs. Security and Privacy Implications ........................... 57Dennis M. L. Wong, Swinburne University of Technology, MalaysiaRaphael C.-W. Phan, Swinburne University of Technology, Malaysia vChapter IVMobile Code and Security Issues ................................................................................ 75E. S. S. Samundeeswari, Vellalar College for Women, IndiaF. Mary Magdalene Jane, P. S. G. R. Krishnammal, IndiaChapter VA Survey of Key Generation for Secure Multicast Communication Protocols .......... 93Win Aye, Multimedia University, MalaysiaMohammad Umar Siddiqi, International Islamic University Malaysia, MalaysiaChapter VISecurity in Mobile Agent Systems ............................................................................. 112Chua Fang Fang, Multimedia University, MalaysiaG. Radhamani, Multimedia University, MalaysiaChapter VIIIntrusion Detection System: A Brief Study............................................................... 129Robin Salim, Multimedia University, MalaysiaG. S. V. Radha Krishna Rao, Multimedia University, MalaysiaChapter VIIINode Authentication in Networks Using Zero-Knowledge Proofs ........................... 142Richard S. Norville, Wichita University, USAKamesh Namuduri, Wichita University, USARavi Pendse, Wichita University, USAChapter IXWeb Services Security in E-Business: Attacks and Countermeasures ................... 165Wei-Chuen Yau, Multimedia University, MalaysiaG. S. V. Radha Krishna Rao, Multimedia University, MalaysiaChapter XVerifiable Encryption of Digital Signatures Using Elliptic Curve DigitalSignature Algorithm and its Implementation Issues ................................................ 184R. Anitha, PSG College of Technology, IndiaR. S. Sankarasubramanian, PSG College of Technology, IndiaChapter XIAn Introductory Study On Business Intelligence Security ..................................... 204Chan Gaik Yee, Multimedia University, MalaysiaG. S. V. Radha Krishna Rao, Multimedia University, MalaysiaChapter XIISecure Trust Transfer Using Chain Signatures ...................................................... 218Amitabh Saxena, La Trobe University, AustraliaBen Soh, La Trobe University, AustraliaChapter XIIIDistributed Intrusion Detection Systems: An Overview........................................... 231Rosalind Deena Kumari, Multimedia University, MalaysiaG. Radhamani, Multimedia University, MalaysiaChapter XIVSubtle Interactions: Security Protocols and Cipher Modes of Operation................ 239Raphael C.-W. Phan, Swinburne University of Technology, MalaysiaBok-Min Goi, Multimedia University, MalaysiaChapter XVGeneric Algorithm for Preparing Unbreakable Cipher: A Short Study................... 262R. A. Balachandar, Anna University, IndiaM. Balakumar, Anna University, IndiaS. Anil Kumar, Anna University, IndiaChapter XVIA Robust Watermarking Scheme Using Codes Based on the Redundant ResidueNumber System......................................................................................................... 271Vik Tor Goh, Multimedia University, MalaysiaMohammad Umar Siddiqi, International Islamic University Malaysia, MalaysiaChapter XVIIA Framework for Electronic Bill Presentment and Off-Line Message Viewing ..... 306Ezmir Mohd Razali, Multimedia Univerisity, MalaysiaIsmail Ahmad, Multimedia Univerisity, MalaysiaG. S. V. Radha Krishna Rao, Multimedia Univerisity, MalaysiaKenneth Foo Chuan Khit, NetInfinium Sdn. Bhd., MalaysiaChapter XVIIIPropagation and Delegation of Rights in Access Controls and Risk AssessmentTechniques ................................................................................................................ 328Saravanan Muthaiyah, George Mason University, USA andMultimedia University, MalayasiaChapter XIXIPSec Overhead in Dual Stack IPv4/IPv6 Transition Mechanisms:An Analytical Study ................................................................................................... 338M. Mujinga, University of Fort Hare, South AfricaHippolyte Muyingi, University of Fort Hare, South AfricaAlfredo Terzoli, Rhodes University, South AfricaG. S. V. Radha Krishna Rao, University of Fort Hare, South AfricaChapter XXAn Approach for Intentional Modeling of Web Services Security RiskAssessment ............................................................................................................... 363Subhas C. Misra, Carleton University, CanadaVinod Kumar, Carleton University, CanadaUma Kumar, Carleton University, CanadaAbout the Authors ..................................................................................................... 380Index .......................................................................................................................... 390ForewordThere has been a dramatic impact on our society due to multifold increases in the use ofpersonal computers. Computer networking plays a crucial role in building a wirelessinformation society. Internet services and their applications have provided us withtools to obtain any kind of information in a flash of time, and the real world has beenconverted into a virtual world due to the proliferation of computers. Web sites are nowa key asset to organizations of all sizes, providing information and services to clients,suppliers, and employees. Unfortunately, these developments have also opened newsecurity threats to the enterprise networks, and opened the door to an increasingnumber of threats to individual and business computers. There is a growing trend ofhackers attacking networks via home and remote users. These attacks can be rangefrom partial loss of data to making the system nonusable, and privacy can be com-pletely violated. Unauthorized users can use their computer to attack other computersby gaining access through the Internet. In the year 2005, new threats increased byalmost 50%, as cybercriminals joined forces to create targeted malware attacks forfinancial gain.Being security aware means that computer system users understand the potentialthreats: that it is possible for some people to deliberately or accidentally steal, damage,or misuse the data that is stored within their computer systems and throughout theirorganization. Therefore, it would be prudent to support the assets of the