Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Web Services Security

Malicious content attacks, meanwhile, try to force a SOAP endpoint (server) to do something it wasn't meant to do--such as retrieve data it's not authorized to access, or even destroy data through SQL Injection and manipulate content within a SOAP message. The result: The receiving endpoint consumes excessive resources and crashes or becomes unresponsive.

Operational attacks produce a denial of service. Like malicious content attacks, they typically manipulate the XML message or the schema to tie up server resources.

Token Security

Several standards address application-layer security, which extends to Web services and SOAP:

» XML-Encryption provides full- or partial-message encryption.

  • 1