Referenced Items are not available for this document.
Web services are software components defined by WSDL, registered by UDDI and invoked by SOAP protocols. The port used by Web services and SOAP is not typically blocked by conventional firewalls. Therefore, a new type of firewall named Web service firewall or XML firewall is required. There are a number of commercial Web service firewall products. Several academic projects have also been done on Web service firewalls. This category of Web service firewalls are briefly introduced in this paper and their drawbacks are mentioned. We have proposed a Web service firewall architecture that supports authentication and authorization mechanisms. It also provides prevention of SOAP-based attacks. In this paper, we will present the proposed architectural design for a Web service firewall. A formal model for the access control of the proposed architecture using coloured Petri nets (CPNs) is also presented. The CPN model is used for the analysis of the proposed architectural design. The model can also be served as a high-level design for implementation of the Web service firewall.
Published in:
Asia-Pacific Services Computing Conference, 2008. APSCC '08. IEEE
Date of Conference: 9-12 Dec. 2008
- Page(s):
- 548 - 553
- E-ISBN :
- 978-0-7695-3473-2
- Print ISBN:
- 978-0-7695-3473-2
- INSPEC Accession Number:
- 10471977
- Conference Location :
- Yilan
- Digital Object Identifier :
- 10.1109/APSCC.2008.203
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
