Design and Implementation of an XML Firewall
Web Services provide a means to communicate easily between applications to exchange information. However, the lack in security features provided by Web Services creates a window of opportunities for attackers. This paper presents the design of the architecture and filtering policies for an XML firew...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Published: |
2006
|
| Subjects: | |
| Online Access: | http://shdl.mmu.edu.my/2143/ |
| Summary: | Web Services provide a means to communicate easily between applications to exchange information. However, the lack in security features provided by Web Services creates a window of opportunities for attackers. This paper presents the design of the architecture and filtering policies for an XML firewall. The firewall is implemented using Java language. We conduct a series of tests for verifying the functionality of the firewall. The results of the tests show that the firewall is capable of allowing valid SOAP messages while blocking malicious SOAP messages that contain attacks such as oversized payloads, recursive payloads, and SQL injections. |
|---|