Proceedings of the Korea Information Processing Society Conference (한국정보처리학회:학술대회논문집)
- 2011.11a
- /
- Pages.613-616
- /
- 2011
- /
- 2005-0011(pISSN)
- /
- 2671-7298(eISSN)
DOI QR Code
A Tolerant Scheme for SOAP Attacks in Web Services Security
웹서비스 보안에서 ?공격에 대한 관대한 계획
- Hung, Pham Phuoc (Department of Computer Engineering, Dongguk University) ;
- Nasridinov, Aziz (Department of Computer Engineering, Dongguk University) ;
- Qing, Lin (Department of Computer Engineering, Dongguk University) ;
- Byun, Jeongyong (Department of Computer Engineering, Dongguk University)
- 밤복흥 (동국대학교 컴퓨터멀티미디어학부) ;
- 아지즈 나스리디노프 (동국대학교 컴퓨터멀티미디어학부) ;
- 림청 (동국대학교 컴퓨터멀티미디어학부) ;
- 변정용 (동국대학교 컴퓨터멀티미디어학부)
- Published : 2011.11.11
Abstract
Nowadays Web Services are one of the most rapidly developed technologies and have become platform for e-ecommerce as well as B2B model. Therefore, when Web Services use SOAP as a protocol for communication, their security should be considered. However, those SOAP messages are prone to XML attacks that can create a foundation for typical faults and make it vulnerable to use. Unfortunately, recent researches established that solutions to deal with these problems have several limitations. In this paper, we explore attacks on SOAP messages and also provide confidentiality and integrity solutions. It is a tolerant scheme which is able to automatically detect and fix typical faults occurred in SOAP messages to combat with the security threats in order to improve its reliability.
Keywords