You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Firewalls

Firewalls White Papers

WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls

Tags:
firewalls

Overview A known weakness of Web Services is their vulnerability to Denial of Service attacks exploiting XML processing characteristics. To protect Web Services from these attacks, extended validation of SOAP messages - considering WS-Security and WS-securityPolicy - is made. For SOAP security is message oriented, the processing of the security content itself is vulnerable to Denial of Service attacks. Hence, it is necessary to combine WS-Security processing and DoS protection. This paper presents the solution for WS-SecurityPolicybased policy decision within Web Service Firewalls. For this, a technical description and an algorithm is given addressing major parts of policy decision, as well as a proposal for enhancing message signature identification. Further, the paper argues for advancing protection of Web Services by improved policy enforcement.

Further White Paper Details
Publisher	Christian-Albrechts-Universitat zu Kiel	File Format	PDF
Date Published	September 2006
Format	White Papers
Topics	Firewalls, Network Security, Security Tools

Did you find this white paper useful?

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Total Endpoint Protection: Lower Costs and Increase Compliance

Publisher:
McAfee

Tags:
firewalls

American phishing scam uses anti-terrorism hook

The USA Patriot Act, which was passed after the 11 September attacks, gives broad powers to law enforcement to combat terrorism. Microsoft is taking this vulnerability very seriously and is working to develop a patch to fix the problem," a company...

Channel:
Protecting your ID

Samba servers vulnerable to denial-of-service attacks

The flaws, known as denial-of-service vulnerabilities, basically could be used to disconnect Samba servers from the network by either overrunning the computer's memory to such an extent that it cannot function or by sending a specially crafted...

Channel:
Servers

Spammers targeted with DDoS attack

Lycos is offering its customers a screensaver that helps to launch denial-of-service attacks on spammers' websites - a tactic more commonly associated with hackers or the spammers themselves who abuse networks of compromised machines to send large...

Channel:
WebWatch
Tags:
lycos,
ddos,
spam

Cisco net phones have software flaw

The flaw, which opens the IP phone service up to denial-of-service attacks, was reported by the National Infrastructure Security Co-ordination Centre, a security research group based in the UK. According to the advisory, the vulnerability is caused...

Channel:
Telecoms
Tags:
dns,
dos,
cisco

Two new WMF flaws emerge

The newly disclosed issues could be a conduit for denial of service attacks, according to a description sent to the Bugtraq mailing list on Monday. He said: "In the current release, they're only denial of service attacks.

Microsoft issues flaw fixes for Outlook and Windows

The new Exchange and Outlook vulnerability affects all current versions of the software except Exchange 2003 with Service Pack 1 or Service Pack 2, Microsoft said. The issue is specific to the processing of mail that uses the Transport Neutral...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Firewalls White Papers

WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific