Severe SOA Security Threats on SOAP Web Services– A Critical Analysis
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2014, Vol 16, Issue 2
Abstract
Abstract: Enterprise Application Integration (EAI) involves several technologies; among them, the popular and recent one is Service Oriented Architecture (SOA). Mainly, SOA is used for developing loosely coupled distributed applications. Loosely coupled applications are a group of applications (to form EAI) which can operate independently of each other. The early SOA was achieved by using a number of architectures which include DCOM (Distributed Component Object Model), ORB (Object Request Broker), and RMI (Remote Method Invocation). However, these architectures work on their own defined protocols, and these protocols are specific to certain languages and compilers that do not permit the construction of distributed systems over heterogeneous platforms. Currently SOA provides remedies to these issues using common internet protocols in the form of Web Services. A service is a Software component that is well-defined, self-contained, and does not depend on the context or state of other services. The Web Service provides well-defined interfaces for distributed functionalities, which are independent of machine architectures, operating systems, and programming languages. In this way, Web Services has emerged as a dominant paradigm for constructing and composing distributed business collaborations over the web. As Web Services architecture is dynamic and loosely coupled, security aspects must be considered thoroughly at the time of designing, because Web Services require high security. In this paper, the authors critically analyzed few severe SOA security threats and their implications on SOAP Web Services based on the literature study and their real-time experience.
Authors and Affiliations
Mohamed Ibrahim B , Dr. Mohamed Shanavas A R
Keywords
Related Articles
- EP ID EP110539
- DOI 10.9790/0661-16211135141
- Views 139
- Downloads 0
Attack Graph to Graph Database
Abstract: Databases are an integral part of almost any computing system today, and users heavily rely on the services they provide. When we interact with a computing system, we expect that any data be stored for fu...
Design of Non-Volatile SRAM Using Magnetic Tunnel Junction
In the last 10 years, FPGA circuits have developed rapidly, because of their flexibility, their ease of use and the low cost to design a function with them. However, the internal memories used in FPGA circuit could limit...
Mining Top-k Closed Sequential Patterns in Sequential Databases
In data mining community, sequential pattern mining has been studied extensively. Most studies require the specification of minimum support threshold to mine the sequential patterns. However, it is difficult &nbs...
Identification of common parameters for classifying malwares with decision tree
Abstract: Malware analysis is a very tedious and time consuming process. It is the process of determining the behavior and purpose of a given malware sample created by the hacker. Every day new malware sample is be...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security Issues
Technical solutions, introduced by policies and implantations are essential requirements of an information security program. Advanced technologies such as intrusion detection and prevention system (IDPS) an...