2012 IEEE Eighth World Congress on Services 2012
DOI: 10.1109/services.2012.7
|View full text |Cite
|
Sign up to set email alerts
|

Penetration Testing Tool for Web Services Security

Abstract: XML-based SOAP Web Services are a widely used technology, which allows the users to execute remote operations and transport arbitrary data. It is currently adapted in Service Oriented Architectures, cloud interfaces, management of federated identities, eGovernment, or millitary services. The wide adoption of this technology has resulted in an emergence of numerous-mostly complex-extension specifications. Naturally, this has been followed by a rise in large number of Web Services attacks. They range from specif… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
29
0

Year Published

2013
2013
2024
2024

Publication Types

Select...
4
3

Relationship

0
7

Authors

Journals

citations
Cited by 51 publications
(29 citation statements)
references
References 8 publications
0
29
0
Order By: Relevance
“…The presented final results have been proved that WS-attacker can protect web services from SOAPAction, WS-Addressing spoofing, XML rewriting attacks and others refer to Table 1 (Hariharan and Babu, 2014;Mainka et al, 2012).…”
Section: [A] Ws-attackermentioning
confidence: 64%
See 3 more Smart Citations
“…The presented final results have been proved that WS-attacker can protect web services from SOAPAction, WS-Addressing spoofing, XML rewriting attacks and others refer to Table 1 (Hariharan and Babu, 2014;Mainka et al, 2012).…”
Section: [A] Ws-attackermentioning
confidence: 64%
“…This plugin focuses on the individual business process by analyzing the Web Service Description Language (WSDL) file. The main weakness in this plugin, which the author did not consider is that the orchestrated services, located in business process execution language (BPEL) component, could not prevent XML interpreting tags and replay attacks (Hariharan and Babu, 2014;Mainka et al, 2012).…”
Section: Ws Attackermentioning
confidence: 99%
See 2 more Smart Citations
“…The SQL injection is the well-known attack [10] against the web programs, has become a serious protection risk..The traditional techniques are insufficient to analyse the SQL injection weak points in the web programs. In comparison to the well-known attacks as SQL injection or XSS, transmission analysing sources for the web services specific attacks do not exist.…”
Section: Litrature Reviewmentioning
confidence: 99%