liu.seSearch for publications in DiVA
Change search
ReferencesLink to record
Permanent link

Direct link
Security Architecture and Technologies for the Electronic Document Exchange with SOAP as Communication Protocol
Linköping University, Department of Electrical Engineering.
2005 (English)Independent thesis Basic level (professional degree)Student thesisAlternative title
Säkerhetsarkitektur och -tekniker för utbyte av elektroniska dokument med SOAP som kommunikationsprotokoll (Swedish)
Abstract [en]

In many industries the tracking and tracing of products within the supply chain is required by law. Companies in the metal working industry exchange so-called material test reports, which specify the product’s properties, the customer’s requirements, and serve as an assurance between the supplier and the customer. Internet technologies have changed the way companies exchange information and conduct business. In the metal working industry companies can implement an intermediary platform and make the exchange of material test reports more efficient. Furthermore, a client application that allows the company to export test reports from their information system directly to the intermediary can significantly decrease the processing costs. This inter-organizational collaboration can render an increase in productivity for customers and suppliers.

The main goal of the thesis is to analyze how companies in a supply chain can exchange documents with an intermediary over the protocol SOAP as well as support companies by showing a structured procedure for how to achieve security in a system using SOAP. SOAP is a platform independent XML-based communication protocol. The Extensible Markup Language (XML) is of major importance in e-business applications, because of its platform, language, and vendor independent way of describing data. As a universal data format, it enables the seamless connection of business systems.

SOAP does not provide any security and is usually implemented over HTTP, which allows it to pass through firewalls. Companies are only prepared to join an inter-organizational collaboration if IT-security is guaranteed. In the exchange of material test reports, security has two objectives. The first is to replace the handwritten signature in the paper-based document exchange. The second is to guarantee security for the material test reports as well as for the information intermediary.

SOAP’s extensibility model allows organizations to develop new extensions, which build upon the protocol and provide functions which aren’t specified. Specifications for attachments as well as for security should be implemented in the electronic document exchange. To design a secure system, each security concept, such as confidentiality, authentication and integrity, can be analyzed in its context and the appropriate standard can thereafter be implemented.

Place, publisher, year, edition, pages
Institutionen för systemteknik , 2005.
Keyword [en]
Informationsteknik, SOAP, XML, Web Service, J2EE, security, SSL, MTOM, Risk Assessment, XML Digital Signature, XML Encryption, XKMS
Keyword [sv]
National Category
Computer and Information Science
URN: urn:nbn:se:liu:diva-2835ISRN: LITH-ISY-EX--05/3643--SEOAI: diva2:20178
Available from: 2005-03-29 Created: 2005-03-29

Open Access in DiVA

fulltext(2505 kB)1568 downloads
File information
File name FULLTEXT01.pdfFile size 2505 kBChecksum MD5
Type fulltextMimetype application/pdf

By organisation
Department of Electrical Engineering
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 1568 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 988 hits
ReferencesLink to record
Permanent link

Direct link