@MASTERSTHESIS\{IMM2003-05980,
    author       = "M. Andreasen",
    title        = "Web services payment systems",
    year         = "2003",
    school       = "Informatics and Mathematical Modelling, Technical University of Denmark, {DTU}",
    address      = "Richard Petersens Plads, Building 321, {DK-}2800 Kgs. Lyngby",
    type         = "",
    note         = "This rapport is made as M. {SC}. project in computer science at the Technical University of Denmark, Informatics and Mathematical Modeling department. The rapport describes the work done in developing a payment platform to use with Java web services. The rapport describes some of the technologies within the web service domain, but the main effort is used in the design and implementation of the system developed. The project is made in cooperation with {IBM} Denmark crypto department, and the source material is {IBM} property. Special thanks to my supervisor at {DTU} Dr. Christian Damsgaard Jensen, and {IBM} Denmark Crypto Team.",
    url          = "http://www2.compute.dtu.dk/pubdb/pubs/5980-full.html",
    abstract     = "During the last decade of years the internet has evolved from being a media to share
relative static data among scientific institutions, to a media used to transport all sorts of
data among many different applications and devices. Many things are able to
communicate via the Internet, but there is still a huge challenge in integrating all these
things via one common language. During the last years {XML} has proven to be a
serious answer to such language. Build on {XML,} Web Services defines a protocol that
enables programs to share functionality via a network. The potential of programs
sharing functionality independent of device, operating system and implementation
language is huge: businesses can communicate independent of vendor of back end
systems, which is reducing cost by eliminate the human factor.
In longer terms Web services makes it possible for the user to be independent of one
system to do a specific task, because the common language makes it possible to select
another system that can do the same task. This is the first step in direction of a
computer grid that always can find computer power to serve the user. Autonomic
computing where computers maintain themselves is also one step closer, if the systems
know how to communicate with each other. Web services offers a way to register
available services, searching in such registries is also done in a standardized language,
which enables computer systems to automatic find and use applications on other
systems.
One huge challenge in implementing web services, is that the majority of computer
systems should be web services enabled, before the full potential of web services is
obvious: Speaking an internationally language not enough if everybody else do not
understand it. It is therefore important to have as many existing system converting as
possible, and make it easy to implement web services in new systems.
An issue when communicating between businesses (and when communicating on the
Internet in general), is security. If web services cannot guarantee security, it will be
very difficult to persuade companies to convert their existing systems, and choose web
services in new applications.
Another issue when implementing web services is the cost of the implementation.
Typically companies have good programmers understanding their existing systems, if
they must be re-educated to understand web services, it can be relative costly.
Introducing an abstraction layer between the application and the web service
technology, makes it possible to have the application programmers concerning about
the applications which they have proven to be good at. The details of web service
technology can be maintained by other specialized programmers, possible outside the
company.
This rapport will investigate the possibility of introducing an abstract layer that can
separate the application development process from the security and transport related
tasks. The focus will be on how to obtain different levels of security and access control
in payment systems. From the start the project is limited to focus on Java as
implementing language.
The result of the investigations will be used to develop a system that allows the user to
easily deploy applications as web services using different security models."
}