Paper Info
Title
Experimental Evaluation of Web Service Frameworks in the Presence of Security Attacks
Abstract
Web services are increasingly being used to provide critical operations in business-to-business and safety-critical environments. In these environments the exploitation of security vulnerabilities may result in major damages in the services infrastructures, financial or reputation losses to the organizations involved, and other catastrophic consequences for the users and the environment. Web services frameworks are the basis for developers to create and deploy web services, and must provide a robust and secure environment, so that an application can deliver its service, even when in presence of security attacks. In this paper we study the behavior of well-known web services frameworks in the presence of security attacks targeting the core web services specifications, i.e., those enabling basic message exchange functionalities. Results show that frameworks are quite resistant to attacks. However, they also indicate that even very popular and highly tested frameworks can be vulnerable to attacks, with potentially catastrophic consequences for the services being deployed.
Year
DOI
Venue
2012
10.1109/SCC.2012.52
IEEE SCC
Keywords
Field
DocType
catastrophic consequence,core web services specification,web service frameworks,experimental evaluation,web services framework,safety-critical environment,deploy web service,web service,security attacks,well-known web services framework,security attack,security vulnerability,services infrastructure,servers,testing,simple object access protocol,web services,security,xml
Web development,Services computing,Internet privacy,WS-Addressing,Computer security,Computer science,WS-I Basic Profile,Web modeling,Web application security,Web service,WS-Policy
Conference
Citations 
PageRank 
References 
3
0.47
7
Authors
3
Name
Order
Citations
PageRank
Rui Andre Oliveira130.47
Nuno Laranjeiro220826.74
Marco Vieira3971112.31