|
The ebXML messaging specification recognizes that the following security requirements are inherent in any messaging service. These security requirements are described in detail in Chapter 2. Refer to that chapter if you need a reminder.
Is the person sending this message entitled to send it? Are we sure that the person sending it is actually the person whose identity/authorization is used?
Is the message we’re processing the message that was actually sent, or has it been altered in transit? Has it been examined in transit by individuals who shouldn’t have had access to it?
Can hostile attackers prevent access to a service or facility by legitimate users by sending spurious or multiple messages? Can they lock legitimate users out by pretending to be them?
|