Abstract | ||
---|---|---|
A web service security analysis model based on program slicing is proposed, which can be used to find existence of critical information disclosure vulnerabilities and proliferation of such vulnerabilities in a web service net, and eventually improve protection of critical information. Web service protocol is analyzed to obtain external service interfaces; source code is sliced to obtain interface information flow; critical information is checked to see whether it is disclosed through the interface information flow. Vulnerability proliferation of a service net is found through analyzing process of interface calling between two web services in which the critical information is transmitted and disclosed. A security report describing test results of a test scene is provided to verify the correctness of security analysis process. |
Year | DOI | Venue |
---|---|---|
2010 | 10.1109/CIT.2010.287 | CIT |
Keywords | Field | DocType |
web service,program slicing,information flow,security,security analysis,global positioning system,source code,web services,data mining | Program slicing,Information flow (information theory),Source code,Computer science,Correctness,Computer network,Security service,Security analysis,Web application security,Web service,Database | Conference |
Volume | Issue | Citations |
null | null | 1 |
PageRank | References | Authors |
0.36 | 5 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jin-Liang Xing | 1 | 1 | 0.36 |
Xiaohong Li | 2 | 173 | 44.41 |
Yan Cao | 3 | 1 | 0.70 |
Zhiyong Feng | 4 | 794 | 167.21 |
Ran Liu | 5 | 64 | 8.59 |