An Evaluation for WS-Security Policy Selection Methods


Supervision: Abeer El­sa­fie

Start date: Immedietely

More details:


WS-Security Policies are part of the WS-Policy specification. It provides a flexible and extensible grammar for expressing requirements and constraints in XML-Web Based system in this case "Security domain". In order to negotiate or select the optimum security policy agreed by both webservice's entities i.e. ws-provider (wsp) and ws-consumer (wsc), both parties have to agree on one compatible alternative. The policy intersection technique is only useful in the phase of addressing these compatible alternatives if they really exist. However further techniques such as Fuzzy MCDM and Lattice partial ordering are useful in the phase of selecting the optimum compatible alternative.

The goal of this thesis is to design real WS-Security Policies, that can be analyzed and examined for selection using the two proposed methods. Additionally evaluate the effectiveness of both seclection methods.


  • know­ledge on XML and webservices
  • Java Programming