Title :
Trustworthy Web services based on testing
Author :
Yu, Weider D. ; Supthaweesuk, Passarawarin ; Aravind, Dhanya
Author_Institution :
Comput. Eng. Dept., San Jose State Univ., CA, USA
Abstract :
The Web services technology allows software components independently developed in disparate platforms to communicate in a seamless manner. They constitute a loosely coupled, distributed system that is highly scalable. But, they also inherit the vulnerabilities of such systems. As Web services increase in complexity and connectivity, the associated security risks also increase exponentially. Many of the security breaches can be traced back to poor testing. In this paper, research on security vulnerabilities in SOAP based Web services is presented. The security context of traditional Web applications is compared to that of Web services. An attempt is made to map common attack patterns to security testing requirements with regard to Web services.
Keywords :
Internet; program testing; protocols; security of data; Web security risk; Web service security vulnerability; Web service technology testing; security breach; security testing requirement; simple object access protocol; system vulnerability; trustworthy Web service; Authentication; Costs; Data security; HTML; Information security; Open systems; Simple object access protocol; Testing; Web services; XML;
Conference_Titel :
Service-Oriented System Engineering, 2005. SOSE 2005. IEEE International Workshop
Print_ISBN :
0-7695-2438-9
DOI :
10.1109/SOSE.2005.38
