DOI QR코드

DOI QR Code

A Tolerant Scheme for SOAP Attacks in Web Services Security

웹서비스 보안에서 ?공격에 대한 관대한 계획

  • Hung, Pham Phuoc (Department of Computer Engineering, Dongguk University) ;
  • Nasridinov, Aziz (Department of Computer Engineering, Dongguk University) ;
  • Qing, Lin (Department of Computer Engineering, Dongguk University) ;
  • Byun, Jeongyong (Department of Computer Engineering, Dongguk University)
  • Published : 2011.11.11

Abstract

Nowadays Web Services are one of the most rapidly developed technologies and have become platform for e-ecommerce as well as B2B model. Therefore, when Web Services use SOAP as a protocol for communication, their security should be considered. However, those SOAP messages are prone to XML attacks that can create a foundation for typical faults and make it vulnerable to use. Unfortunately, recent researches established that solutions to deal with these problems have several limitations. In this paper, we explore attacks on SOAP messages and also provide confidentiality and integrity solutions. It is a tolerant scheme which is able to automatically detect and fix typical faults occurred in SOAP messages to combat with the security threats in order to improve its reliability.

Keywords