XML signature element wrapping attacks and countermeasures
Proceedings of the 2005 workshop on Secure web services
Towards secure SOAP message exchange in a SOA
Proceedings of the 3rd ACM workshop on Secure web services
SOA and Web Services: New Technologies, New Standards - New Attacks
ECOWS '07 Proceedings of the Fifth European Conference on Web Services
A Security Framework for Input Validation
SECURWARE '08 Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies
Distributed Systems Security: Issues, Processes and Solutions
Distributed Systems Security: Issues, Processes and Solutions
XML and Web Services Security Standards
IEEE Communications Surveys & Tutorials
| Hi-index | 0.00 |
Web services are increasingly becoming an integral part of next-generation web applications. A Web service is defined as a software system designed to support interoperable machine-to-machine interaction over a network based on a set of XML standards. This new architecture and set of protocols brings new security challenges such as confidentiality, integrity, anonymity, authentication, authorization and availability of requested services. Vulnerabilities in Web services are very dangerous since they can be used by attackers to damage the company's information system and steal confidential data. In this paper, we carry out an experimental analysis of attacks against Web services. We demonstrate experimentally three types of attacks and we reveal dangerous techniques and tools used by attackers that administrators have to prevent. Moreover, we study the effects of these attacks by observing their impact on Information System data and resources. Finally, we propose general countermeasures to prevent and mitigate such attacks.