Abstract—N-tier application design has become very
common in the IT industry. Each individual layer, such as the
application and data layer has its own main functionality. This
design is very helpful in securing the application from
unauthorized access and in protecting it from attacks to the
data layer. The data layer is the core of a company's business,
as all the important information of the company will be stored
in the data layer and normally will be located in a secured offline
server with limited local network access. The application
layer acts as the medium to exchange data between the client
layer and the data layer over a network. As such, the
application layer has been increasingly targeted for intrusion
and attacks. This paper will introduce a method to minimize
the security risks in the n-tier application design. The method
introduced in this paper will mainly focus on how to secure the
application layer from various attacks such as Denial of
Services (DoS) attack and spoofing attacks. This is achieved
through data protection such as random encryption key
generation, data encryption etc. and so forth at both the client
application and the application layer.
Index Terms—Automation, security, web services, encrypted
security token.
The authors are with the Faculty of Computing and Informatics,
Multimedia University, Persiaran Multimedia, 63100 Cyberjaya, Selangor,
Malaysia (e-mail: ccho@mmu.edu.my , alwayshee@gmail.com).
[PDF]
Cite:Kai-Cheong Hee and Chiung Ching Ho, "Design of Application Layer Services for Security Automation via a Web Service Approach," Journal of Advances in Computer Networks vol. 2, no. 1, pp. 76-84, 2014.