Security and Privacy in Mobile Information and Communication Systems. First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers

Research Article

Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP

Download
620 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-04434-2_18,
        author={Maria Laghi and Michele Amoretti and Gianni Conte},
        title={Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP},
        proceedings={Security and Privacy in Mobile Information and Communication Systems. First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers},
        proceedings_a={MOBISEC},
        year={2012},
        month={5},
        keywords={service peer-to-peer security},
        doi={10.1007/978-3-642-04434-2_18}
    }
    
  • Maria Laghi
    Michele Amoretti
    Gianni Conte
    Year: 2012
    Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP
    MOBISEC
    Springer
    DOI: 10.1007/978-3-642-04434-2_18
Maria Laghi1,*, Michele Amoretti1,*, Gianni Conte1,*
  • 1: University of Parma
*Contact email: laghi@ce.unipr.it, michele.amoretti@unipr.it, gianni.conte@unipr.it

Abstract

The effective convergence of service-oriented architectures (SOA) and peer-to-peer (P2P) is an urgent task, with many important applications ranging from e-business to ambient intelligence. A considerable standardization effort is being carried out from both SOA and P2P communities, but a complete platform for the development of secure, distributed applications is still missing. In this context, the result of our research and development activity is JXTA-SOAP, an official extension for JXTA enabling Web Service sharing in peer-to-peer networks. Recently we focused on security aspects, providing JXTA-SOAP with a general security management system, and specialized policies that target both J2SE and J2ME versions of the component. Among others, we implemented a policy based on Multimedia Internet KEYing (MIKEY), which can be used to create a key pair and all the required parameters for encryption and decryption of service messages in consumer and provider peers running on resource-constrained devices.