Title :
Design and Implementation of an XML Firewall
Author :
Loh, Yin-Soon ; Yau, Wei-Chuen ; Wong, Chien-Thang ; Ho, Wai-Chuen
Author_Institution :
Fac. of Eng., Multimedia Univ., Cyberjaya
Abstract :
Web services provide a means to communicate easily between applications to exchange information. However, the lack in security features provided by Web services creates a window of opportunities for attackers. This paper presents the design of the architecture and filtering policies for an XML firewall. The firewall is implemented using Java language. We conduct a series of tests for verifying the functionality of the firewall. The results of the tests show that the firewall is capable of allowing valid SOAP messages while blocking malicious SOAP messages that contain attacks such as oversized payloads, recursive pay loads, and SQL injections
Keywords :
Java; Web services; XML; access protocols; authorisation; formal verification; Java language; Web services; XML firewall; firewall functionality verification; information exchange; malicious SOAP message blocking; Data engineering; Design engineering; Engines; Filtering; Multimedia databases; Payloads; Simple object access protocol; Testing; Web services; XML;
Conference_Titel :
Computational Intelligence and Security, 2006 International Conference on
Conference_Location :
Guangzhou
Print_ISBN :
1-4244-0605-6
Electronic_ISBN :
1-4244-0605-6
DOI :
10.1109/ICCIAS.2006.295443
