Securing Service-oriented Systems Using State-Based XML Firewall

نویسندگان

  • Abhinay Reddyreddy
  • Haiping Xu
چکیده

Web services security has been a challenging issue in recent years because current security mechanisms, such as conventional firewalls, are not sufficient for protecting service-oriented systems from XML-based attacks. In order to provide effective security mechanisms for service-oriented systems, XML firewalls were recently introduced as an extension to conventional firewalls for web services security. In this paper, we present a state-based XML firewall architecture that supports role-based access control and detection of XMLbased attacks. We develop a detailed design of our statebased XML firewall by defining state-based information, user information, and various access control policies and detection rules. The detection rules are modularized into separate units, which support real-time detection and verification of various types of XML-based attacks using state-based information and user information. To illustrate the effectiveness of our approach, we develop a prototype state-based XML firewall, and demonstrate how XML-based attacks can be efficiently detected.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Defending Against XML-Based Attacks Using State-Based XML Firewall

With the proliferation of service-oriented systems and cloud computing, web services security has gained much attention in recent years. Web service attacks, called XML-based attacks, typically occur at the SOAP message level, thus they are not readily handled by existing security mechanisms such as a conventional firewall. In order to provide effective security mechanisms for service-oriented ...

متن کامل

Formal modelling and analysis of XML firewall for service-oriented systems

Firewalls have been designed as a major component to protect a network or a server from being attacked. However, due to their emphasis on packet filtering rather than verifying user permissions and examining packet contents, conventional firewalls are not suitable for protecting service-oriented systems from unauthorised service invocations. In this paper, we present a formal XML firewall secur...

متن کامل

Formal modeling and analysis of XML firewall for service-oriented systems

As more businesses deploy web services over the Internet, the issue of how to secure them from intruders and possible threats becomes more important. Firewalls have been designed as a major component to protect a network or a server from being attacked. However, since conventional firewalls emphasize on packet filtering at the transport and session layer, rather than verifying user permissions ...

متن کامل

Apply Uncertainty in Document-Oriented Database (MongoDB) Using F-XML

As moving to big data world where data is increasing in unstructured way with high velocity, there is a need of data-store to store this bundle amount of data. Traditionally, relational databases are used which are now not compatible to handle this large amount of data, so it is needed to move on to non-relational data-stores. In the current study, we have proposed an extension of the Mongo...

متن کامل

Apply Uncertainty in Document-Oriented Database (MongoDB) Using F-XML

As moving to big data world where data is increasing in unstructured way with high velocity, there is a need of data-store to store this bundle amount of data. Traditionally, relational databases are used which are now not compatible to handle this large amount of data, so it is needed to move on to non-relational data-stores. In the current study, we have proposed an extension of the Mongo...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008