A Security Gateway for Message exchange in Services by Streaming and Validation

Cloud Computing is found to be today’s most commonly used Service Oriented Architecture (SOA) implementation. Cloud services are exposed as Web Services which follow the industry standards such as WSDL for service description, SOAP for enabling request and response and so on. Hence Web services security is of particular importance for the security assessment of cloud systems. Securing SOAP message exchange using WS-Security standards introduces new surface for attacks. The system proposed uses a gateway at client side as well as server side which could counter the attacks introduced due to WS-Security standards as well as other attacks introduced. The handlers at the gateway uses hardened SOAP schema as the source for validating the restricted form of request according to the requestor and provider and ensures security. The SOAP Schemata which introduces loopholes in terms of security needs to be hardened, as a result of which high resource consumption leading to DOS attack is introduced. This type of attack is countered by streaming the request before the service execution at a trusted gateway and enabling earlier detection of security violations.