Severe SOA Security Threats on SOAP Web Services– A Critical Analysis
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2014, Vol 16, Issue 2
Abstract
Abstract: Enterprise Application Integration (EAI) involves several technologies; among them, the popular and recent one is Service Oriented Architecture (SOA). Mainly, SOA is used for developing loosely coupled distributed applications. Loosely coupled applications are a group of applications (to form EAI) which can operate independently of each other. The early SOA was achieved by using a number of architectures which include DCOM (Distributed Component Object Model), ORB (Object Request Broker), and RMI (Remote Method Invocation). However, these architectures work on their own defined protocols, and these protocols are specific to certain languages and compilers that do not permit the construction of distributed systems over heterogeneous platforms. Currently SOA provides remedies to these issues using common internet protocols in the form of Web Services. A service is a Software component that is well-defined, self-contained, and does not depend on the context or state of other services. The Web Service provides well-defined interfaces for distributed functionalities, which are independent of machine architectures, operating systems, and programming languages. In this way, Web Services has emerged as a dominant paradigm for constructing and composing distributed business collaborations over the web. As Web Services architecture is dynamic and loosely coupled, security aspects must be considered thoroughly at the time of designing, because Web Services require high security. In this paper, the authors critically analyzed few severe SOA security threats and their implications on SOAP Web Services based on the literature study and their real-time experience.
Authors and Affiliations
Mohamed Ibrahim B , Dr. Mohamed Shanavas A R
Keywords
Related Articles
- EP ID EP110539
- DOI 10.9790/0661-16211135141
- Views 117
- Downloads 0
Handoff Management protocols MIPV6 and HMIPV6 Comparative analysis in 4G wireless networks
With the increasing demands for new data and real-time services, wireless networks should support calls with different traffic characteristics and different Quality of Service (QoS) guarantees. Instead of  ...
Survey on adverse influencing factors in the way of successfulrequirement engineering
Abstract: Requirement engineering is the first phase for the development of any software. Software have beendiscarded due to poor and ambiguous requirements. This study based on the results of surveys conducted to...
A Novel Method of Data Staging For Better Mobile User Accessibility through Cloud
Abstract: In this paper, we identify and create vantage sites to stage shared data items for the ease of mobile user accesses. As mobile users will be charged on the usage of communication bandwidth and for the amo...
Privacy Protection in Personalized Web Search Via TaxonomyStructure
Abstract: Web search engine has long become the most important portal for ordinary people looking foruseful information on the web. User might experience failure when search engine return irrelevanceinformation due to en...
A Comparative Result Analysis of Text Based SteganographicApproaches
Abstract: Today in this digital era everything (data) can be digitized and can be transmitted over thecommunication networks. But not withstanding with this advantage it also has a downside i.e. the digitized datacan be...