Securing Service-oriented Systems Using State-Based XML Firewall
نویسندگان
چکیده
Web services security has been a challenging issue in recent years because current security mechanisms, such as conventional firewalls, are not sufficient for protecting service-oriented systems from XML-based attacks. In order to provide effective security mechanisms for service-oriented systems, XML firewalls were recently introduced as an extension to conventional firewalls for web services security. In this paper, we present a state-based XML firewall architecture that supports role-based access control and detection of XMLbased attacks. We develop a detailed design of our statebased XML firewall by defining state-based information, user information, and various access control policies and detection rules. The detection rules are modularized into separate units, which support real-time detection and verification of various types of XML-based attacks using state-based information and user information. To illustrate the effectiveness of our approach, we develop a prototype state-based XML firewall, and demonstrate how XML-based attacks can be efficiently detected.
منابع مشابه
Defending Against XML-Based Attacks Using State-Based XML Firewall
With the proliferation of service-oriented systems and cloud computing, web services security has gained much attention in recent years. Web service attacks, called XML-based attacks, typically occur at the SOAP message level, thus they are not readily handled by existing security mechanisms such as a conventional firewall. In order to provide effective security mechanisms for service-oriented ...
متن کاملFormal modelling and analysis of XML firewall for service-oriented systems
Firewalls have been designed as a major component to protect a network or a server from being attacked. However, due to their emphasis on packet filtering rather than verifying user permissions and examining packet contents, conventional firewalls are not suitable for protecting service-oriented systems from unauthorised service invocations. In this paper, we present a formal XML firewall secur...
متن کاملFormal modeling and analysis of XML firewall for service-oriented systems
As more businesses deploy web services over the Internet, the issue of how to secure them from intruders and possible threats becomes more important. Firewalls have been designed as a major component to protect a network or a server from being attacked. However, since conventional firewalls emphasize on packet filtering at the transport and session layer, rather than verifying user permissions ...
متن کاملApply Uncertainty in Document-Oriented Database (MongoDB) Using F-XML
As moving to big data world where data is increasing in unstructured way with high velocity, there is a need of data-store to store this bundle amount of data. Traditionally, relational databases are used which are now not compatible to handle this large amount of data, so it is needed to move on to non-relational data-stores. In the current study, we have proposed an extension of the Mongo...
متن کاملApply Uncertainty in Document-Oriented Database (MongoDB) Using F-XML
As moving to big data world where data is increasing in unstructured way with high velocity, there is a need of data-store to store this bundle amount of data. Traditionally, relational databases are used which are now not compatible to handle this large amount of data, so it is needed to move on to non-relational data-stores. In the current study, we have proposed an extension of the Mongo...
متن کامل