Abstract
Securing a Web service requires us to protect, as far as possible, all of its basic components, shown in Figure 3.1, and their interactions, along with the Web service life cycle, from the design to the operational phase. This is a complex and difficult task, due to the vulnerabilities which each software component may have, the large number of attacks that can eventually exploit the vulnerabilities of a specific component, and to the interactions between the components themselves. It requires us to combine and enhance methods, tools, and techniques for computers, networks, distributed systems, and application security and adopt an engineered security process. Such an engineered process consists of detailed plans and designs for security features and controls that support the delivery of solutions satisfying not only functional requirements, but also preventing misuse and malicious behavior.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Bertino, E., Martino, L.D., Paci, F., Squicciarini, A.C. (2009). Web Services Threats, Vulnerabilities, and Countermeasures. In: Security for Web Services and Service-Oriented Architectures. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87742-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-540-87742-4_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-87741-7
Online ISBN: 978-3-540-87742-4
eBook Packages: Computer ScienceComputer Science (R0)