Enhancing Security of Web Service against WSDL Threats
In recent years, the field of Web service security has evolved rapidly and various security technologies and standards have been proposed. We found from our investigation that there is a WSDL threat, hitherto not discussed in Web service security literature but equally important. WSDL documents are the guidebook for attacking and hacking the Web services. Since a WSDL document contains explicit instructions on how to communicate private application, they can cause a series security breach if the Web services are compromised. To the best of our knowledge, all standards which were presented by now tried to defend security problems of SOAP messages which are transferred between Web services. This paper is bringing into focus enhancing security of Web services WSDL file. It purposes a model for encrypting WSDL document to handle its security problem. This solution is suitable for Web services which have critical rules according their policies and their WSDL faced with hacking problems.
XML Encryption Web service Security WSDL WSDL attacks
Arezoo Mirtalebi Mohammad Reza Khayyambashi
Department of Computer Faculty of Engineering University of Isfahan Isfahan, Iran
国际会议
北京
英文
920-923
2011-08-08(万方平台首次上网日期,不代表论文的发表时间)