TSINGHUA SCIENCE AND TECHNOLOGY
ISSN 1007-0214 01/21 pp1-7
Volume 11, Number 1, February 2006
Mobile Police Information System Based on Web Services*
YIN Hao ( )**, FU Qiang ( ), LIN Chuang ( ), TAN Zhangxi ( ),
DING Rong ( ), LIN Yishu ( ), LI Yanxi ( ), FAN Yanfei ( )
Department of Computer Science and Technology, Tsinghua University, Beijing 100084, China
Abstract: The demand for communications anywhere, anytime, and on any device without recording the
date is growing with the development of modern information technologies. Current wireless communications
enable people to freely exchange information, while web services provide loosely-coupled, language-neutral,
and platform-independent ways of linking applications within organizations, across enterprises, and across
the Internet. This paper describes a mobile information system for police service, which integrates wireless
communication technologies and web service technologies. The system satisfies the special demands of
police information systems, such as security and interoperability. Policemen in the system can use various
kinds of mobile terminals, such as mobile phones, tablet PCs, personal digital assistants, and laptops
equipped with wireless LAN or GPRS to access data in the central database. The system is based on web
services with a secure web service architecture and simple object access protocol message passing.
Key words: police information system; web service; security; wireless communication
Introduction
The rapid developments in information technology (IT), particularly in wireless communication and web services technologies, are substantially changing the landscape of organizational communications. Wireless communication technologies enable people to exchange information anywhere, anytime, and on any device, while web services provide technology for service-oriented computing. Web services allow programs written in different languages on different platforms to communicate with each other in a standard way[1]. By integrating these technologies and systems, consistent business models can be implemented on a broad array of devices: not just on mobile devices operating over mobile networks, but also on servers and PCs connected to the Internet[1].
In addition, IT systems play an integral part in the police’s capability to enforce laws and provide safety services. A major challenge that police face is to provide a professional and consistent national policing service, twenty-four hours a day, throughout a geographically spread population, using a broad range of IT systems. Some parts of the police IT architecture, such as the emergency phone system, contribute to community safety, while other systems, such as the police radio network, provide effective coordination of resources and a safety link for police staff working in the field. Managing and maintaining a diverse range of IT systems requires sound solutions to ensure that police goals are ably supported by new technologies. This paper presents a novel integration of wireless communication technologies and web services technologies to realize a mobile police information system that supports the police goals.
Received: 2004-04-01; revised: 2004-06-10
Supported by the National Natural Science Foundation of
China (Nos. 60372019 and 60473086)
To whom correspondence should be addressed.
E-mail: [email protected]
Tel: 86-10-62796495
A key benefit of web services is the capability of delivering integrated and interoperable solutions. In police information systems, security is a key concept that needs to be addressed as web services become fundamental components in the system[2,3]. The integrity, confidentiality, and security of the web services must be ensured through the application of a comprehensive security model which includes security topology, platform/transport-level security, and application layer security. This system uses a series of new security technologies for mobile police information systems. The mobile police information system uses various terminals (such as personal digital assistants (PDAs)), GPRS networks, and .Net technologies.
1 Web Service Security Model
Web service security can be applied at three levels[4]:
Platform/transport-level (point-to-point) security;
Application-level (customer) security; and
Message-level (end-to-end) security.
Each approach has different strengths and weaknesses described below. The choice of the approach is largely dependent upon the characteristics of the architecture and platforms involved in the message exchange. The mobile information system for police service focuses on platform- and application-level security, so these two security levels are described with an introduction to message-level security.
1.1 Platform/transport-level (point-to-point) security
The transport channel between two endpoints (web
service client and web service) can be used to provide
point-to-point security as illustrated in Fig. 1.
Fig. 1 Platform/transport-level security
In the platform-level model, the client sends an XML format request to the web service. The XML message is not encrypted by the client. When the message is transported in the transport channel, the network encrypts the entire data stream to make sure that the transport is secure.
This system uses a tightly coupled Microsoft Windows operating system environment. The Internet information server (IIS) provides basic, digest, integrated, and certificate authentication. The ASP.NET web service inherits some of the ASP.NET authentication and authorization features. The secure sockets layer (SSL) is used to provide message integrity and confidentiality.
1.2 Application-level security
With application-level security, the application controls security with custom security features (Fig. 2).
Fig. 2 Application-level security
In the application-level security model, for example, an application can use a custom simple object access protocol (SOAP) header to pass user credentials to authenticate the user with each web service request. A common approach is to pass a ticket (or user name or license) in the SOAP header. The application has the flexibility to generate its own principal object that contains roles. The application can optionally encrypt what it needs to, although this requires secure key storage and developers must have knowledge of the relevant cryptography APIs. An alternative technique uses SSL to provide confidentiality and integrity and combine it with custom SOAP headers to perform authentication.
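The custom-header approach described above, as an added example that is not code from the paper or from the SOAP Toolkit: the server issues an HMAC-signed ticket after login, the client carries it in a SOAP header, and the service verifies it on every request. The header name AuthTicket, its namespace, the ticket layout, and the key are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
AUTH = "urn:example:mpis-auth"        # hypothetical namespace for the custom header
SERVER_KEY = b"constructed-demo-key"  # constructed; real keys need secure storage


def _mac(payload: bytes) -> bytes:
    return hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()


def issue_ticket(user: str, roles: list, now: int, ttl: int = 300) -> str:
    """Server side, after login: ticket = b64(user|roles|expiry).b64(HMAC)."""
    if "|" in user or any("|" in r or "," in r for r in roles):
        raise ValueError("separator characters are not allowed in names")
    payload = f"{user}|{','.join(roles)}|{now + ttl}".encode()
    enc = base64.urlsafe_b64encode
    return enc(payload).decode() + "." + enc(_mac(payload)).decode()


def build_request(ticket: str, method: str, argument: str) -> bytes:
    """Client side: SOAP envelope with the ticket in a custom header."""
    # The ticket is a bearer credential, so the envelope should only travel over SSL.
    env = ET.Element(f"{{{SOAP}}}Envelope")
    header = ET.SubElement(env, f"{{{SOAP}}}Header")
    ET.SubElement(header, f"{{{AUTH}}}AuthTicket").text = ticket
    body = ET.SubElement(env, f"{{{SOAP}}}Body")
    ET.SubElement(body, f"{{{AUTH}}}{method}").text = argument
    return ET.tostring(env)


def authenticate(raw: bytes, now: int):
    """Service side, run on every request. Returns (user, roles) or raises."""
    # Untrusted XML: a production service would use a hardened parser here.
    env = ET.fromstring(raw)
    node = env.find(f"{{{SOAP}}}Header/{{{AUTH}}}AuthTicket")
    if node is None or not node.text:
        raise PermissionError("missing ticket")
    try:
        p64, m64 = node.text.split(".")
        payload = base64.urlsafe_b64decode(p64)
        mac = base64.urlsafe_b64decode(m64)
    except ValueError:  # wrong number of parts or invalid base64
        raise PermissionError("malformed ticket") from None
    # Constant-time comparison; any change to user, roles or expiry fails here.
    if not hmac.compare_digest(mac, _mac(payload)):
        raise PermissionError("bad signature")
    user, roles, expiry = payload.decode().split("|")
    if now >= int(expiry):
        raise PermissionError("expired ticket")
    return user, roles.split(",")


def verdict(raw: bytes, now: int) -> str:
    """Helper for callers that want a reason string instead of an exception."""
    try:
        user, roles = authenticate(raw, now)
        return f"ok:{user}:{'+'.join(roles)}"
    except PermissionError as exc:
        return str(exc)
```

The roles returned by `authenticate` are what the service would use to build its own principal object for authorization.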
The mobile police information system uses the SOAP Toolkit 2.0[5,6] offered by Microsoft, which provides support for internet security based on the IIS security infrastructure to implement the application-level security model.
1.3 Message-level (end-to-end) security
Message-level security is the most flexible and powerful approach and is used by the global XML architecture (GXA) initiative, specifically within the web service (WS)-security specification[7]. Message-level security is illustrated in Fig. 3.
WS-security specifications describe enhancements to SOAP messaging that provide message integrity, message confidentiality, and single message authentication. In this model, authentication is provided by security tokens, which flow in SOAP headers[5,8]. No specific type of token is required by WS-security. The security tokens may include Kerberos tickets, X.509 certificates, or a custom binary token. Secure communication is provided by digital signatures to ensure message integrity and XML encryption for message confidentiality.
Fig. 3 Message-level security
2 System Architecture
2.1 Framework
Enterprise networking topologies for systems with
critical data information and security demands have
three different types: the inner model, the outer model,
and the mixed model.
In the inner model, the critical data and the application are located in the inner part of the network, which is protected by a firewall. The access path to the data is through the outer part of the mobile police information system, which focuses on authentication and authorization issues.
The outer model topology includes two databases, an outer database and an inner database. All the data and applications needed by the police services are located in the outer part of the network. When the client calls for services, the application servers in the outer part of the network offer the desired data from the outer database. If the desired data are not yet in the outer database, the outer database will get it from the inner database. When the job is done, the application servers will temporarily keep the information, which is then written back into the inner database, in a special table. The synchronization server checks the table periodically and refreshes the inner and the outer databases. In the current model, all the requests are processed by only accessing the outer part of the network. Therefore, there are fewer security problems with the system, especially in the inner database where all the critical data are stored.
The difference between those two types of network topologies is the use of database servers in the outer part of the network. In the inner model system, the clients access the inner part database directly so they get the most updated data. The disadvantage of this type of system is that the response is slow because of the long path through the outer network. The outer topology has better system delay performance at the expense of maintenance costs and system complexity.
The mixture model mixes the inner and the outer model topologies, so that one can access both the inner part and the outer part databases. Critical data are stored in the inner database with the data with a lower security level stored in the outer database. The system can provide multiple levels of data access authorizations so that senior police officers can directly access the inner database whereas ordinary officers can only access the outer database directly and the inner database indirectly.
All these models can be used with the enterprise networking architecture. The current model uses the mixture model topology. Figure 4 illustrates the topology structure of the mobile police information system. The system can be implemented using various technologies such as DCOM, CORBA, and web services. Our system is built on web services.
The client side of the system assumes that the policemen will use the mobile web browser and the smart device program on a PDA to access the information system. Since the system is web service-based, the client utilizes the web service to access data stored in the database. The server side uses an application server to authenticate the user logging in and complete the authorization. The application server offers the web service to the client, so the PDA communicates with the application server. The web service was named AppSevWS. The AppSevWS also references the web service offered by the database server, the data service, to get the data from the database. The inner database service was named IDBWS (inner database web service) while the outer database was named ODBWS (outer database web service).
Fig. 4 Topology of the mixture model for mobile police information system
The client sends the data request to the AppSevWS, without caring about where the data are. The AppSevWS does the authentication and authorization and dispatches the corresponding web method offered by ODBWS and IDBWS to obtain the desired data information and pass it to the client.
Two gateways are used in the information system for the outer and the inner parts of the system networks. The application server is located in the outer part of the network. The outer gateway takes charge of the security of the application server and the outer network, where the outer database server is located. When the client calls for data in the inner database, the application server calls the corresponding methods of the IDBWS which is deployed in the inner part of the network. The gateway of the inner network, which is configured to only accept requests from the application server, can confirm that the inner part of the network is validly accessed.
2.2 Security architecture
As noted above, the security of systems with critical information must be ensured. The analysis described in the previous section was used to design the system security architecture in Fig. 5[9] which shows the remote application model for the mobile information system for police service together with the security services provided by the various technologies[10]. Authentication and authorization occur at many individual points throughout the tiers. These services are provided primarily by Microsoft products, such as IIS, ASP.NET, and SQL server. Secure communication channels are also used throughout the tiers from the client browser or device right through to the database. All channels are secured using the SSL[11].
ASP.NET works in conjunction with IIS, the .NET framework, and the underlying security services provided by the operating system to provide a range of authentication and authorization mechanisms. These are also summarized in Fig. 5 which illustrates the authentication and authorization mechanisms provided by IIS and ASP.NET in the system. A web request issued by a client initiates the following sequence of authentication and authorization events[10]:
1) The HTTPS web request is received from the network. The SSL is used to ensure the server identity (using server certificates) and the client identity. The SSL also provides a secure channel to protect sensitive data passed between the client and the server (and vice versa).
2) IIS authenticates the caller using basic, digest, integrated (NTLM or Kerberos), or certificate authentication. IIS creates a Windows access token for each authenticated user. If anonymous authentication is selected, IIS creates an access token for the anonymous internet user account, which, by default, is IUSR_MACHINE.
3) IIS authorizes the caller to access the requested resource. NTFS permissions defined by access control lists (ACLs) attached to the requested resource are used to authorize access. IIS can also be configured to accept requests only from client computers with specific IP addresses.
4) IIS passes the authenticated caller’s Windows access token to ASP.NET. This may be the anonymous internet user’s access token, if anonymous authentication is being used.
Fig. 5 Security architecture of web application using web service
5) ASP.NET authenticates the caller: If ASP.NET is configured for Windows authentication, no additional authentication occurs at this point. ASP.NET will accept any token which it receives from IIS. If ASP.NET is configured for forms authentication, the credentials supplied by the caller (using an HTML form) are authenticated against a data store, which is typically a Microsoft SQL server database or Microsoft active directory service. If ASP.NET is configured for passport authentication, the user is redirected to a passport site and the passport authentication service authenticates the user.
6) ASP.NET authorizes access to the requested resource or operation: The UrlAuthorizationModule (a system-provided HTTP module) uses authorization rules configured in Web.config (specifically, the <authorization> element) to ensure that the caller can access the requested file or folder. With Windows authentication, the FileAuthorizationModule (another HTTP module) checks that the caller has the permission to access the requested resource. The caller’s access token is compared against the ACL which protects the resource. .NET roles audit can also be used (either declaratively or programmatically) to ensure that the caller is authorized to access the requested resource or perform the requested operation.
7) Code within the application accesses local and/or remote resources by using a particular identity. By default, ASP.NET performs no impersonation and, as a result, the configured ASP.NET process account provides the identity. Alternate options include the original caller’s identity (if impersonation is enabled), or a configured service identity.
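Step 6 in practice, as an added example that is not from the paper and is not ASP.NET's own code: a simplified Python model of how <authorization> rules are evaluated (first match wins, with the inherited allow-all rule last), run over a weak and a hardened configuration. Both fragments and the role name SeniorOfficers are constructed, and the verbs attribute is ignored.

```python
import xml.etree.ElementTree as ET

# Constructed Web.config fragments; the role name SeniorOfficers is hypothetical.
WEAK = """<authorization>
  <allow roles="SeniorOfficers"/>
</authorization>"""

HARDENED = """<authorization>
  <deny users="?"/>
  <allow roles="SeniorOfficers"/>
  <deny users="*"/>
</authorization>"""

# Rule inherited from the machine-level configuration and evaluated after the
# application's own rules: everyone is allowed unless an earlier rule matched.
INHERITED = '<authorization><allow users="*"/></authorization>'


def _split(value):
    return [item.strip() for item in value.split(",") if item.strip()]


def load_rules(*fragments):
    """Flatten <allow>/<deny> elements into (action, users, roles) tuples."""
    rules = []
    for fragment in fragments:
        for el in ET.fromstring(fragment):
            rules.append((el.tag, _split(el.get("users", "")),
                          _split(el.get("roles", ""))))
    return rules


def rule_matches(users, roles, caller, caller_roles):
    """caller is None for an anonymous request."""
    for u in users:
        if u == "*":                      # everyone
            return True
        if u == "?" and caller is None:   # anonymous callers only
            return True
        if caller is not None and u.lower() == caller.lower():
            return True
    return caller is not None and any(r in caller_roles for r in roles)


def is_authorized(site_rules, caller=None, caller_roles=()):
    """The first matching rule decides, so rule order is significant."""
    for action, users, roles in load_rules(site_rules, INHERITED):
        if rule_matches(users, roles, caller, caller_roles):
            return action == "allow"
    return False
```

With WEAK, a caller who lacks the role falls through to the inherited allow-all rule, so the single allow line restricts nobody; HARDENED closes that gap with an explicit trailing deny.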
2.3 Security problem with mobile terminal devices
Mobile security ensures that the mobile terminal devices are secure by using the following approaches:
The critical data are not stored permanently in the device. The application will delete data downloaded from the database before the mobile terminal is closed.
Restrict the use of the virtual private network (VPN) to the valid subscriber identity module (SIM) card which is registered in the home location register (HLR) for special access point network (APN) use.
The authentication model in the outer-part network will check the device ID, user name, and the dialing code to make sure that the device itself is valid.
The critical software on the device needs a username and password for use.
3 Implementation
The mobile police information system consists of 5 parts. The client side uses a smart device program called SDAInfoSysClient. The server side has three web services: AppSevWS, IDBWS, and ODBWS described in Section 2. In addition, the system has a mobile web application and a mobile web site which can be accessed by the web browser on a PDA. Figure 6 illustrates the components and architecture of the mobile police information system.
Fig. 6 Mobile police information system architecture
The whole system was built using the Microsoft .NET framework and .NET compact framework. On the server side, the mobile web application and the web service are deployed on Microsoft IIS. The IDBWS and ODBWS are associated with Microsoft SQL Server 2000. The whole system runs on the Windows 2003 Server platform.
Figure 7 shows the mobile web page for login in the web browser on a pocket PC 2002. A smart device program information page is shown in Fig. 8. Police officers can download more critical information from the database by the application. The system has two gateways to protect the outer and inner parts. The gateway interface and functions are illustrated in Fig. 9.
Fig. 7 Mobile web page (emulator view)
Fig. 8 Smart device program interface on a PDA
Fig. 9 Gateway interface
4 Conclusions
A mobile web information system was developed for police service. The system uses software on a mobile terminal device, such as a PDA, to interface with the web service provided by the server to access the data stored in the database. The whole system includes three different web services working together to form an information system. The security fractions are the most important parts of the system so they were the focus of the web service when developing the system.
Future research will focus on advancing the protocols of today’s XML web services standards, especially authentication, authorization, and the message-level security of SOAP messages.
References
[1] Watkins Demien. Mobile web services technical roadmap. http://www.microsoft.com/serviceproviders/mobilewebservices/mws_tech_roadmap.asp. 2003, 11.
[2] Watkins Demien. An overview of security in the .NET framework. http://msdn.microsoft.com/library/en-us/dnnetsec/html/netframesecover.asp. 2002.
[3] Meier J D, Mackman A, Dunner M. Security in a web services world: A proposed architecture and roadmap. http://msdn.microsoft.com/library/en-us/dnwssecur/html/securitywhitepaper.asp. 2002.
[4] Meier J D, Mackman A, Dunner M, Vasireddy S. Web services security S. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch10.asp. 2002.
[5] Powell Matt. Real SOAP security. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnservice/html/service11212001.asp. 2001.
[6] Kirtland Mary. Secure web services using the SOAP toolkit. http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/dnarxml/html/websvcs_usingsoap.asp. 2001.
[7] Powell Matt. Web services security (WS-security). http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnglobspec/html/ws-security.asp. 2002.
[8] Gavrylyuk Kirill, Lead Test. Web data SOAP team building secure web services with Microsoft SOAP toolkit 2.0. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsoap/html/soapsecurity.asp. 2001.
[9] Meier J D, Mackman A, Dunner M. Security model for ASP.NET applications. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch02.asp. 2002.
[10] Meier J D, Mackman A, Dunner M, Vasireddy S. ASP.NET Security. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch08.asp. 2002.
[11] Bollefer T, Chander G, Johansson J, Kass M, Olson E. Building and configuring more secure web sites. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/openhack.asp. 2002.