Defending Against XML-Based Attacks Using State-Based XML Firewall
|
| Title | Defending Against XML-Based Attacks Using State-Based XML Firewall |
| Authors | |
| Abstract | With the proliferation of service-oriented systems and cloud computing, web services security has gained much attention in recent years. Web service attacks, called XML-based attacks, typically occur at the SOAP message level, thus they are not readily handled by existing security mechanisms such as a conventional firewall. In order to provide effective security mechanisms for service-oriented systems, XML firewalls have recently been introduced as one of the major means for web services security. In this paper, we present a framework for state-based XML firewall, called S-Wall, which supports dynamic role-based access control (D-RBAC) and detection of XML-based attacks in real-time. We provide a detailed design of the S-Wall security model by defining state-based information, user information, access control policies, and detection and verification (D&V) rules. The D&V rules are modularized into separate units, which support real-time detection and verification of various types of attacks using state-based information. To illustrate the effectiveness of our approach, we develop a prototype S-Wall, and utilize a case study to demonstrate how S-Wall can be used to efficiently detect and defend against XML-based attacks. |
| Publisher | ACADEMY PUBLISHER |
| Date | 2011-11-01 |
| Source | Journal of Computers Vol 6, No 11 (2011) |
| Rights | Copyright © ACADEMY PUBLISHER - All Rights Reserved.To request permission, please check out URL: http://www.academypublisher.com/copyrightpermission.html. |