Please use this identifier to cite or link to this item:
http://idr.nitk.ac.in/jspui/handle/123456789/8867
Title: | Protection against denial of service and input manipulation vulnerabilities in service oriented architecture |
Authors: | Pais, A.R. Deepak, D.J. Chandavarkar, B.R. |
Issue Date: | 2011 |
Citation: | Communications in Computer and Information Science, 2011, Vol.196 CCIS, , pp.331-343 |
Abstract: | Organizations are increasingly adopting Service Oriented Architecture (SOA) to build their distributed applications. SOA is a computing paradigm, emphasizing dynamic service discovery composition and interoperability. Web services are a technology that can be used to implement SOA and are increasingly becoming the SOA implementation of choice. Because a Web service relies on some of the same underlying HTTP and Web-based architecture as common Web applications, it is susceptible to similar threats and vulnerabilities. There are many vulnerabilities in web services such as SQL injection, Denial of Service, etc. that cannot be detected by web service standards and conventional firewalls. In this paper, we present a detailed design of XML firewall that can be used to prevent different vulnerabilities by validating the input xml documents before being processed by the web services. Also the XML firewall does the function of authentication, authorization and session management. We designed a modular architecture for XML firewall where each module checks for a particular vulnerability. We have also developed methods to detect and prevent SQL injection and Denial of Service vulnerabilities. � 2011 Springer-Verlag. |
URI: | http://idr.nitk.ac.in/jspui/handle/123456789/8867 |
Appears in Collections: | 2. Conference Papers |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.