SCOPUS 정보 검색 플랫폼

Computer Science - Research and Development

Volumn 24, Issue 4, 2009, Pages 185-197

A survey of attacks on web services: Classification and countermeasures

(3) Jensen, Meiko a Gruschka, Nils b Herkenhöner, Ralph c

a RUHR UNIVERSITY BOCHUM (Germany)

b NEC LABORATORIES EUROPE (Germany)

c UNIVERSITY OF PASSAU (Germany)

Author keywords

Attacks; Denial of Service; Flooding Attacks; Security; Web Services; WS Security; XML

Indexed keywords

ATTACKS; DENIAL OF SERVICE; FLOODING ATTACKS; SECURITY; WS-SECURITY;

INTERNET PROTOCOLS; SURVEYS; WEBSITES; XML;

WEB SERVICES;

EID: 70350156792 PISSN: 18652034 EISSN: 18652042 Source Type: Journal
DOI: 10.1007/s00450-009-0092-6 Document Type: Article

Times cited : (99)

References (27)

1
- 0038315923
- Oasis Standard
- Andrews T, Curbera F, Dholakia H, Goland Y, Klein J, Leymann F, Liu K, Roller D, Smith D, Thatte S, Trickovic I, Weerawarana S (2003) Business Process Execution Language for Web Services Version 1.1. Oasis Standard
- (2003) Business Process Execution Language for Web Services Version 1.1
- Andrews, T.¹ Curbera, F.² Dholakia, H.³ Goland, Y.⁴ Klein, J.⁵ Leymann, F.⁶ Liu, K.⁷ Roller, D.⁸ Smith, D.⁹ Thatte, S.¹⁰ Trickovic, I.¹¹ Weerawarana, S.¹²

2
- 0043026142
- Bartel M, Boyer J, Fox B, LaMacchia B, Simon E (2002) XML-Signature Syntax and Processing. W3C Recommendation
- (2002) XML-Signature Syntax and Processing. W3C Recommendation
- Bartel, M.¹ Boyer, J.² Fox, B.³ Lamacchia, B.⁴ Simon, E.⁵

3
- 77954342153
- An advisor for Web Services security policies
- ACM Press, New York, NY
- Bhargavan K, Fournet C, Gordon AD, O'Shea G (2005) An advisor for Web Services security policies. In: SWS '05: Proceedings of the 2005 workshop on Secure web services, ACM Press, New York, NY, pp 1-9
- (2005) SWS '05: Proceedings of the 2005 Workshop on Secure Web Services , pp. 1-9
- Bhargavan, K.¹ Fournet, C.² Gordon, A.D.³ O'Shea, G.⁴

4
- 47749152736
- Tech rep, WSO2 Oxygen Tank
- Fernando R (2006) Secure web services with apache rampart. Tech rep, WSO2 Oxygen Tank
- (2006) Secure web services with apache rampart
- Fernando, R.¹

5
- 70350189206
- PhD thesis, Christian-Albrechts-University of Kiel, Germany
- Gruschka N (2008) Schutz von Web Services durch erweiterte und effiziente Nachrichtenvalidierung. PhD thesis, Christian-Albrechts-University of Kiel, Germany
- (2008) Schutz von Web Services Durch Erweiterte und Effiziente Nachrichtenvalidierung
- Gruschka, N.¹

6
- 47749136767
- WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls
- Attack Detection and Mitigation
- Gruschka N, Herkenhöner R (2006) WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls. In: Proceedings of the IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation
- (2006) Proceedings of the IEEE/IST Workshop on Monitoring
- Gruschka, N.¹ Herkenhöner, R.²

7
- 33845531695
- Protecting Web Services from DoS Attacks by SOAP Message Validation
- Gruschka N, Luttenberger N (2006) Protecting Web Services from DoS Attacks by SOAP Message Validation. In: Proceedings of the IFIP TC-11 21. International Information Security Conference (SEC 2006)
- (2006) Proceedings of the IFIP TC-11 21. International Information Security Conference (SEC 2006)
- Gruschka, N.¹ Luttenberger, N.²

8
- 47749096113
- Event-based SOAP message validation for WS-SecurityPolicy-Enriched web services
- Gruschka N, Luttenberger N, Herkenhöner R (2006) Event-based SOAP message validation for WS-SecurityPolicy-Enriched web services. In: Proceedings of the 2006 International Conference on Semantic Web & Web Services
- (2006) Proceedings of the 2006 International Conference on Semantic Web & Web Services
- Gruschka, N.¹ Luttenberger, N.² Herkenhöner, R.³

9
- 85027493146
- Braun T, Carle G, Stiller B (eds) 15. ITG/Gi Fachtagung Kommunikation in Verteilten Systemen (KiVS 2007)
- Gruschka N, Herkenhöner R, Luttenberger N (2007a) Access Control Enforcement for Web Services by Event-Based Security Token Processing. In: Braun T, Carle G, Stiller B (eds) 15. ITG/Gi Fachtagung Kommunikation in Verteilten Systemen (KiVS 2007), pp 371-382
- (2007) Access Control Enforcement for Web Services by Event-Based Security Token Processing , pp. 371-382
- Gruschka, N.¹ Herkenhöner, R.² Luttenberger, N.³

10
- 46849093205
- A stateful web service firewall for BPEL
- Gruschka N, Jensen M, Luttenberger N (2007b) A Stateful Web Service Firewall for BPEL. Proceedings of the IEEE International Conference on Web Services (ICWS 2007)
- (2007) Proceedings of the IEEE International Conference on Web Services (ICWS 2007)
- Gruschka, N.¹ Jensen, M.² Luttenberger, N.³

11
- 34548338717
- W3C Recommendation
- Gudgin M, Hadley M, Rogers T (2006) Web Services Addressing 1.0 - SOAP Binding. W3C Recommendation
- (2006) Web Services Addressing 1.0 - SOAP Binding
- Gudgin, M.¹ Hadley, M.² Rogers, T.³

12
- 33646046750
- W3C Recommendation
- Hors AL, Hegaret PL, Wood L, Nicol G, Robie J, Champion M, Byrne S (2004) Document Object Model (DOM) Level 3 Core Specification. W3C Recommendation
- (2004) Document Object Model (DOM) Level 3 Core Specification
- Hors, A.L.¹ Hegaret, P.L.² Wood, L.³ Nicol, G.⁴ Robie, J.⁵ Champion, M.⁶ Byrne, S.⁷

13
- 1142264879
- Imamura T, Dillaway B, Simon E (2002) XML Encryption Syntax and Processing. W3C Recommendation
- (2002) XML Encryption Syntax and Processing. W3C Recommendation
- Imamura, T.¹ Dillaway, B.² Simon, E.³

14
- 84888307394
- SOA development with Axis2: Understanding Axis2 basis
- Jayasinghe D (2006) SOA development with Axis2: Understanding Axis2 basis. IBM developerWorks
- (2006) IBM DeveloperWorks
- Jayasinghe, D.¹

15
- 70350178254
- VDM Verlag Dr. Müller, Saarbrücken, ISBN 9783836485517
- Jensen M (2008) BPEL Firewall - Abwehr von Angriffen auf zustandsbehaftete Web Services (german). VDM Verlag Dr. Müller, Saarbrücken, ISBN 9783836485517
- (2008) BPEL Firewall - Abwehr von Angriffen Auf Zustandsbehaftete Web Services (German)
- Jensen, M.¹

16
- 49049087362
- The Impact of Flooding Attacks on Network-based Services
- Reliability and Security
- Jensen M, Gruschka N, Luttenberger N (2008) The Impact of Flooding Attacks on Network-based Services. In: Proceedings of the IEEE International Conference on Availability, Reliability and Security
- (2008) Proceedings of the IEEE International Conference on Availability
- Jensen, M.¹ Gruschka, N.² Luttenberger, N.³

17
- 4544323391
- Kaler C, Nadalin A (eds)
- Kaler C, Nadalin A (eds) (2005) Web Services Security Policy Language (WS-SecurityPolicy) 1.1
- (2005) Web Services Security Policy Language (WS-SecurityPolicy) 1.1

18
- 0006013621
- Towards network denial of service resistant protocols
- Leiwo J, Nikander P, Aura T (2000) Towards network denial of service resistant protocols. In: Proc. of the 15th International Information Security Conference (IFIP/SEC)
- (2000) Proc. of the 15th International Information Security Conference (IFIP/SEC)
- Leiwo, J.¹ Nikander, P.² Aura, T.³

19
- 33845548325
- Attacking and defending web service
- Lindstrom P (2004) Attacking and Defending Web Service. A Spire Research Report
- (2004) A Spire Research Report
- Lindstrom, P.¹

20
- 77954328275
- XML signature element wrapping attacks and countermeasures
- ACM Press, New York, NY
- McIntosh M, Austel P (2005) XML signature element wrapping attacks and countermeasures. In: SWS '05: Proceedings of the 2005 workshop on Secure web services, ACM Press, New York, NY, pp 20-27
- (2005) SWS '05: Proceedings of the 2005 Workshop on Secure Web Services , pp. 20-27
- McIntosh, M.¹ Austel, P.²

21
- 21244462147
- Nadalin A, Kaler C, Monzillo R, Hallam-Baker P (2006) Web Services Security: SOAP Message Security 1.1 (WS-Security 2004)
- (2006) Web Services Security: SOAP Message Security 1.1 (WS-Security 2004)
- Nadalin, A.¹ Kaler, C.² Monzillo, R.³ Hallam-Baker, P.⁴

22
- 0028532812
- Denial of service: An example
- 10.1145/188280.188294
- RM Needham 1994 Denial of service: an example Commun ACM 37 11 42 46 10.1145/188280.188294
- (1994) Commun ACM , vol.37 , Issue.11 , pp. 42-46
- Needham, R.M.¹

23
- 0141539405
- Lazy XML processing
- ACM Press New York, NY. 10.1145/585058.585075
- Noga ML, Schott S, Löwe W (2002) Lazy XML processing. In: DocEng '02: Proceedings of the 2002 ACM symposium on document engineering. ACM Press, New York, NY, pp 88-94
- (2002) DocEng '02: Proceedings of the 2002 ACM Symposium on Document Engineering , pp. 88-94
- Noga, M.L.¹ Schott, S.² Löwe, W.³

24
- 33845520983
- Sabotageangriffe auf Kommunikationsstrukturen: Angriffstechniken und Abwehrmanahmen
- 10.1515/PIKO.2005.130
- G Schäfer 2005 Sabotageangriffe auf Kommunikationsstrukturen: Angriffstechniken und Abwehrmanahmen PIK 28 130 139 10.1515/PIKO.2005.130
- (2005) PIK , vol.28 , pp. 130-139
- Schäfer, G.¹

25
- 84876655611
- Under Attack, Over the Net. Time Magazine
- Smith A (2007) Under Attack, Over the Net. Time Magazine http://www.time.com/time/magazine/article/0,9171,1626744,00.html. Accessed 29 Apr 2009
- (2007)
- Smith, A.¹

26
- 84876661167
- The SAX Project Simple API for XML-SAX 2.0.1
- The SAX Project (2002) Simple API for XML-SAX 2.0.1 http://www. saxproject.org. Accessed 29 Apr 2009
- (2002)

27
- 27144508833
- Prentice Hall PTR, Upper Saddle River
- Weerawarana S, Curbera F, Leymann F, Storey T, Ferguson DF (2005) Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More. Prentice Hall PTR, Upper Saddle River
- (2005) Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More
- Weerawarana, S.¹ Curbera, F.² Leymann, F.³ Storey, T.⁴ Ferguson, D.F.⁵

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.