期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2012
卷号:12
期号:9
页码:84-90
出版社:International Journal of Computer Science and Network Security
摘要:Being regarded as the new paradigm for Internet communication, Web Services have introduced a large number of new standards and technologies. Though founding on decades of networking experience, Web Services are not more resistant to security attacks than other open network systems. Quite the opposite is true: Web Services are exposed to attacks well-known from common Internet protocols and additionally to new kinds of attacks targeting Web Services in particular[1]. The attacks on Web Services might cause halt of the entire network communication or expose confidential information in an organization; therefore, the inevitable challenge facing organizations today is to implement adequate Web Service security. In this paper, a new strategy to enhance Web Service security level is proposed and while the other presented solutions by now have focused on SOAP messages to defend Web Services attacks and increase their security level, in this paper to the best of our knowledge, for the first time this problem has been analyzed from a new aspect and that is securing WSDL file . This Solution is suitable for Web services which have critical rules according to their policies and their WSDL faced with hacking problems.
关键词:XML Encryption; Web service Security; WSDL; WSDL attacks.
