Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Guarding against Web services attacks

In this expert response, Andrew Nash discusses ways to protect against threats to Web Services specific attacks.

Is there any way to spoof trusted Web services metadata, like in cross-site scripting? And, if so, how do you guard against that?

Replay, transaction insertion, out of order command processing and state modification are all examples of Web Services specific attacks that are opened up as part of a message/transaction driven architecture. Digital signatures, strong identities, sequence numbers, validity periods and encryption are all tools that can be used to mitigate such threats.

Dig Deeper on Topics Archive

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.