Algorithm for Securing SOAP Based Web Services from WSDLScanning Attacks

Apply

 Algorithm for Securing SOAP Based Web Services from WSDLScanning Attacks

Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2015, Vol 17, Issue 3

Abstract

Abstract: The Web Services are the emerging paradigm of Service Oriented Architecture (SOA) in the modernenterprise computing to achieve interconnection of related applications in an organization in terms of services.A service is a Software component which fulfills a defined functionality and does not depend on the context ofother services. In programming terms, the service is called as web method which is a function that accepts inputparameters and returns the output. The data types of input/output parameters may be simple or complex. In SO Aarchitecture, the list of web methods that a web service offers and the data types of their input/outputparameters are described using Web Services Description Language (WSDL) standard and published toUniversal Description, Discovery and Integration (UDDI) service registry where the web services clients searchthe service registry for obtaining the required WSDL and start binding to the web server. The WSDL is pronefor SOA attacks as the WSDL is represented in XML format which is a plain text. Even though few researchersproposed solutions for WSDL, those solutions are inadequate concerning to the modern communicationtechnologies and they are not able to achieve any landmark in providing security for WSDL attacks. This paperproposes a new algorithm for preventing WSDL attacks which uses the existing security standards such as Public Key Infrastructure (PKI), Digital Signatures, and XML Encryption/Decryption standards.

Authors and Affiliations

Mohamed Ibrahim B , Mohamed Shanavas A R

Keywords

SOA Web Services security WSDL PKI computer networks

EP ID EP153244
DOI -
Views 95
Downloads 0