DocumentCode
2702704
Title
Intrusion Resistant SOAP Messaging with IAPF
Author
Sidharth, Navya ; Liu, Jigang
Author_Institution
MindZephyr Inc, Chaska, MN
fYear
2008
fDate
9-12 Dec. 2008
Firstpage
856
Lastpage
862
Abstract
Simple object access protocol (SOAP) is the communication protocol used by Web services to communicate between systems. Since SOAP messages have the ability to bypass firewalls and directly get processed by web servers, their security is critical to the security of the Web servers. This paper explores the security vulnerabilities of SOAP messages in a service-oriented architecture (SOA) environment and describes the implementation of the integrated application and protocol framework (IAPF) that can successfully combat the security threats. In addition to the discussion on how IAPF helps in the early detection of both XML injection and parameter tampering attacks, the details about the fundamental implementation of the IAPF mechanisms in supporting intrusion resistant SOAP messaging are also presented.
Keywords
Web services; XML; access protocols; authorisation; message authentication; software architecture; Web server security; Web service; XML injection; communication protocol; firewall; integrated application; intrusion resistant SOAP messaging; parameter tampering attack; protocol framework; service-oriented architecture; simple object access protocol; Access protocols; Communication system security; Computer architecture; Computer industry; Distributed computing; Service oriented architecture; Simple object access protocol; Web server; Web services; XML; IAPF; SOAP; Web Services; Web Services Security;
fLanguage
English
Publisher
ieee
Conference_Titel
Asia-Pacific Services Computing Conference, 2008. APSCC '08. IEEE
Conference_Location
Yilan
Print_ISBN
978-0-7695-3473-2
Electronic_ISBN
978-0-7695-3473-2
Type
conf
DOI
10.1109/APSCC.2008.221
Filename
4780783
Link To Document