{"title":"Web服务框架在安全攻击下的实验评估","authors":"R. Oliveira, N. Laranjeiro, M. Vieira","doi":"10.1109/SCC.2012.52","DOIUrl":null,"url":null,"abstract":"Web services are increasingly being used to provide critical operations in business-to-business and safety-critical environments. In these environments the exploitation of security vulnerabilities may result in major damages in the services infrastructures, financial or reputation losses to the organizations involved, and other catastrophic consequences for the users and the environment. Web services frameworks are the basis for developers to create and deploy web services, and must provide a robust and secure environment, so that an application can deliver its service, even when in presence of security attacks. In this paper we study the behavior of well-known web services frameworks in the presence of security attacks targeting the core web services specifications, i.e., those enabling basic message exchange functionalities. Results show that frameworks are quite resistant to attacks. However, they also indicate that even very popular and highly tested frameworks can be vulnerable to attacks, with potentially catastrophic consequences for the services being deployed.","PeriodicalId":178841,"journal":{"name":"2012 IEEE Ninth International Conference on Services Computing","volume":"73 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Experimental Evaluation of Web Service Frameworks in the Presence of Security Attacks\",\"authors\":\"R. Oliveira, N. Laranjeiro, M. Vieira\",\"doi\":\"10.1109/SCC.2012.52\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Web services are increasingly being used to provide critical operations in business-to-business and safety-critical environments. In these environments the exploitation of security vulnerabilities may result in major damages in the services infrastructures, financial or reputation losses to the organizations involved, and other catastrophic consequences for the users and the environment. Web services frameworks are the basis for developers to create and deploy web services, and must provide a robust and secure environment, so that an application can deliver its service, even when in presence of security attacks. In this paper we study the behavior of well-known web services frameworks in the presence of security attacks targeting the core web services specifications, i.e., those enabling basic message exchange functionalities. Results show that frameworks are quite resistant to attacks. However, they also indicate that even very popular and highly tested frameworks can be vulnerable to attacks, with potentially catastrophic consequences for the services being deployed.\",\"PeriodicalId\":178841,\"journal\":{\"name\":\"2012 IEEE Ninth International Conference on Services Computing\",\"volume\":\"73 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Ninth International Conference on Services Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SCC.2012.52\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Ninth International Conference on Services Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SCC.2012.52","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Experimental Evaluation of Web Service Frameworks in the Presence of Security Attacks
Web services are increasingly being used to provide critical operations in business-to-business and safety-critical environments. In these environments the exploitation of security vulnerabilities may result in major damages in the services infrastructures, financial or reputation losses to the organizations involved, and other catastrophic consequences for the users and the environment. Web services frameworks are the basis for developers to create and deploy web services, and must provide a robust and secure environment, so that an application can deliver its service, even when in presence of security attacks. In this paper we study the behavior of well-known web services frameworks in the presence of security attacks targeting the core web services specifications, i.e., those enabling basic message exchange functionalities. Results show that frameworks are quite resistant to attacks. However, they also indicate that even very popular and highly tested frameworks can be vulnerable to attacks, with potentially catastrophic consequences for the services being deployed.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
