Yu et al., 2005 - Google Patents
Trustworthy web services based on testingYu et al., 2005
- Document ID
- 18392261881701631510
- Author
- Yu W
- Supthaweesuk P
- Aravind D
- Publication year
- Publication venue
- IEEE International Workshop on Service-Oriented System Engineering (SOSE'05)
External Links
Snippet
The Web services technology allows software components independently developed in disparate platforms to communicate in a seamless manner. They constitute a loosely coupled, distributed system that is highly scalable. But, they also inherit the vulnerabilities of …
- 239000000344 soap 0 abstract description 28
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/105—Multiple levels of security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/102—Entity profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/104—Grouping of entities
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Salas et al. | Security testing methodology for vulnerabilities detection of xss in web services and ws-security | |
| Patel | A survey on vulnerability assessment & penetration testing for secure communication | |
| Ravindran et al. | A Review on Web Application Vulnerability Assessment and Penetration Testing. | |
| Yu et al. | Software vulnerability analysis for web services software systems | |
| Masood et al. | Static analysis for web service security-Tools & techniques for a secure development life cycle | |
| US11729176B2 (en) | Monitoring and preventing outbound network connections in runtime applications | |
| Zeng et al. | Full-stack vulnerability analysis of the cloud-native platform | |
| Calzavara et al. | Testing for integrity flaws in web sessions | |
| Sidharth et al. | A framework for enhancing web services security | |
| Tyler et al. | Towards Browser Controls to Protect Cookies from Malicious Extensions | |
| Yu et al. | Trustworthy web services based on testing | |
| Razmov et al. | Practical automated filter generation to explicitly enforce implicit input assumptions | |
| Lincke | Understanding software threats and vulnerabilities | |
| Larson et al. | A new security metric for soa implementations | |
| Bijjou | Web Application Firewall Bypassing: An Approach for Penetra | |
| Jaamour | Securing web services | |
| Endsuleit et al. | A security analysis on jade (-s) v. 3.2 | |
| Sadana et al. | Analysis of cross site scripting attack | |
| de Sousa Rodrigues | An OSINT Approach to Automated Asset Discovery and Monitoring | |
| Gula et al. | Performing PCI DSS and OWASP Web Application Audits with Nessus | |
| Uroz | Advances in Cybersecurity Incident Prevention and Analysis | |
| Bakos et al. | Ubiquitous Redirection as Access Control Response. | |
| Jnena | Modern Approach for WEB Applications Vulnerability Analysis | |
| WO2025029704A1 (en) | System and method for attacker interdiction using track and trace user and entity behavior analysis | |
| Bau | Network and Web Security Modeling and Analysis |