Weider D. Yu, Passarawarin Supthaweesuk, D. Aravind
{"title":"基于测试的可靠Web服务","authors":"Weider D. Yu, Passarawarin Supthaweesuk, D. Aravind","doi":"10.1109/SOSE.2005.38","DOIUrl":null,"url":null,"abstract":"The Web services technology allows software components independently developed in disparate platforms to communicate in a seamless manner. They constitute a loosely coupled, distributed system that is highly scalable. But, they also inherit the vulnerabilities of such systems. As Web services increase in complexity and connectivity, the associated security risks also increase exponentially. Many of the security breaches can be traced back to poor testing. In this paper, research on security vulnerabilities in SOAP based Web services is presented. The security context of traditional Web applications is compared to that of Web services. An attempt is made to map common attack patterns to security testing requirements with regard to Web services.","PeriodicalId":229065,"journal":{"name":"IEEE International Workshop on Service-Oriented System Engineering (SOSE'05)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Trustworthy Web services based on testing\",\"authors\":\"Weider D. Yu, Passarawarin Supthaweesuk, D. Aravind\",\"doi\":\"10.1109/SOSE.2005.38\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Web services technology allows software components independently developed in disparate platforms to communicate in a seamless manner. They constitute a loosely coupled, distributed system that is highly scalable. But, they also inherit the vulnerabilities of such systems. As Web services increase in complexity and connectivity, the associated security risks also increase exponentially. Many of the security breaches can be traced back to poor testing. In this paper, research on security vulnerabilities in SOAP based Web services is presented. The security context of traditional Web applications is compared to that of Web services. An attempt is made to map common attack patterns to security testing requirements with regard to Web services.\",\"PeriodicalId\":229065,\"journal\":{\"name\":\"IEEE International Workshop on Service-Oriented System Engineering (SOSE'05)\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-10-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE International Workshop on Service-Oriented System Engineering (SOSE'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SOSE.2005.38\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE International Workshop on Service-Oriented System Engineering (SOSE'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SOSE.2005.38","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The Web services technology allows software components independently developed in disparate platforms to communicate in a seamless manner. They constitute a loosely coupled, distributed system that is highly scalable. But, they also inherit the vulnerabilities of such systems. As Web services increase in complexity and connectivity, the associated security risks also increase exponentially. Many of the security breaches can be traced back to poor testing. In this paper, research on security vulnerabilities in SOAP based Web services is presented. The security context of traditional Web applications is compared to that of Web services. An attempt is made to map common attack patterns to security testing requirements with regard to Web services.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
