Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Guarding against Web services attacks

In this expert response, Andrew Nash discusses ways to protect against threats to Web Services specific attacks.

Is there any way to spoof trusted Web services metadata, like in cross-site scripting? And, if so, how do you guard against that?

Replay, transaction insertion, out of order command processing and state modification are all examples of Web Services...

specific attacks that are opened up as part of a message/transaction driven architecture. Digital signatures, strong identities, sequence numbers, validity periods and encryption are all tools that can be used to mitigate such threats.

This was last published in September 2006

Dig Deeper on Securing services



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.