Summary

If the history of interapplication communication repeats itself, the ease with which web services architectures publish information about applications across the network is only going to result in more application hacking. We've provided some concrete examples of such attacks in this chapter. At the very least, it's going to put an even greater burden on web architects and developers to design and write secure code. With web services, you can run but you can't hide, especially with technologies like SOAP, WSDL, and UDDI opening doors across the landscape. Remember the basics of web security: firewalls are generally a poor defense against application-level attacks, servers (especially HTTP servers) should be conservatively configured and fully patched, solid authentication and authorization should be used wherever possible, and proper input validation should be done at all times. Developing specifications like WS-Security should also be leveraged as they mature. Onward into the brave new world of web services!



Hacking Exposed Web Applications
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
EAN: 2147483647
Year: 2006
Pages: 127
