Network security remains a major concern for practitioners of electronic business worldwide. With the ever-increasing number of hackers and the evolution of their attack techniques, ensuring security has become quite a challenge. What is happening in the world today between businesses and hackers is no less than a global electronic war. And in war, one of the best ways to avoid defeat is to analyze how others were defeated. So the best way for a business to avoid falling prey to these hackers is to analyze how others have fallen prey, and then take precautions. In this case, precautions can be taken by applying known security models and reinforcing the weaknesses exploited by the attackers. In this context, this research paper will present six web services security models. It will discuss two case studies with web services security problems. Then, at the end, it will suggest building a secure multi-tier model based on a collection of essential security guidelines.

Basically, this is ongoing research that presents a set of web services security models, discusses some case studies involving web services security problems, and suggests a final multi-tier model based on a collection of essential security guidelines. The research starts by defining web services and six web services security models which, at the least, solve the basic security problems, i.e., authentication and authorization, message encryption, and message integrity. Then it analyzes two case studies of security problems resulting from SQL Injection and Hidden Fields. In addition, it explains how these problems can be solved. Finally, it concludes by presenting the security features of four multi-tier models, namely DCOM, RMI, CORBA, and Web Services, and suggests seven abstract guidelines for building secure software systems.
