An XML-based approach to combine firewalls and web services security specifications
Contributo in Atti di convegno
Data di Pubblicazione:
2003
Citazione:
An XML-based approach to combine firewalls and web services security specifications / M. Cremonini, E. Damiani, S. De Capitani di Vimercati, P. Samarati - In: Proc. of the 2003 ACM Workshop on XML Security / Sushil Jajodia, Michiharu Kudo. - New York : ACM press, 2003. - ISBN 1-58113-777-X. - pp. 69-78 (( Intervento presentato al 2. convegno ACM Workshop on XML Security tenutosi a Fairfax, USA nel 2003 [10.1145/968559.968571].
Abstract:
The Web Services Architecture (WSA) defines a comprehensive model for service-oriented interactions among endpoints over a private network or the Internet. Since the many opportunities for better interacting
services and the provision of richer functionality, crossing the boundary of organizations many standard proposals addressing different aspects of such interaction model are appearing. In this paper, we analyze the security requirements of the WSA and observe that the security model currently developed is not sufficient. In particular, we claim that many aspects related to network security and the integration of firewalls into the WSA have been underestimated. We show with different examples the usefulness of a semantics-aware firewall operating both at SOAP level and at lower network-based
layers. We analyze, under this perspective, the impact on security that recently proposed stateful SOAP-based protocols could have, and describe how asynchronous protocols could pose high security risks on
both service providers and service requesters. This drives us to the
conclusion that, if security is an enabling factor for the success of Web service technologies, then perimetral security and firewall technology should be both fully supported into the WSA and improved to
satisfy the requirements of the service-oriented interaction.
Tipologia IRIS:
03 - Contributo in volume
Keywords:
Firewall; Network security; Service security; SOAP; Web services
Elenco autori:
M. Cremonini, E. Damiani, S. De Capitani di Vimercati, P. Samarati
Link alla scheda completa:
Titolo del libro:
Proc. of the 2003 ACM Workshop on XML Security