Security Testing Methodology for Evaluation of Web Services Robustness - Case: XML Injection

2015 ◽  
Author(s):  
Marcelo Invert Palma Salas ◽  
Paulo Licio De Geus ◽  
Eliane Martins
Keyword(s):  
Web Services ◽  
Security Testing ◽  
Testing Methodology

Approaches to Functional, Structural and Security SOA Testing

2012 ◽  
pp. 381-401 ◽  
Author(s):  
Cesare Bartolini ◽  
Antonia Bertolino ◽  
Francesca Lonetti ◽  
Eda Marchetti
Keyword(s):  
Web Services ◽  
Point Of View ◽  
Structural Testing ◽  
Combined Approach ◽  
Security Testing ◽  
Preliminary Results ◽  
Important Concern ◽  
Is Security

In this chapter, we provide an overview of recently proposed approaches and tools for functional and structural testing of SOA services. Typically, these two classes of approaches have been considered separately. However, since they focus on different perspectives, they are generally non-conflicting and could be used in a complementary way. Accordingly, we make an attempt at such a combination, briefly showing the approach and some preliminary results of the experimentation. The combined approach provides encouraging results from the point of view of the achievements and the degree of automation obtained. A very important concern in designing and developing web services is security. In the chapter we also discuss the security testing challenges and the currently proposed solutions.

scholarly journals Extending MUD Profiles Through an Automated IoT Security Testing Methodology

IEEE Access ◽  
2019 ◽  
Vol 7 ◽  
pp. 149444-149463 ◽  
Author(s):  
Sara Nieves Matheu ◽  
Jose Luis Hernandez-Ramos ◽  
Salvador Perez ◽  
Antonio F. Skarmeta
Keyword(s):  
Security Testing ◽  
Iot Security ◽  
Testing Methodology

WS-Security on PRODML

2014 ◽  
Vol 1 (1) ◽  
pp. 9-34
Author(s):  
Bobby Suryajaya
Keyword(s):  
Web Services ◽  
Digital Signature ◽  
Data Transfer ◽  
Web Services Security ◽  
Soap Message ◽  
Simulation Results ◽  
End To End

SKK Migas plans to apply end-to-end security based on Web Services Security (WS-Security) for Sistem Operasi Terpadu (SOT). However, there are no prototype or simulation results that can support the plan that has already been communicated to many parties. This paper proposes an experiment that performs PRODML data transfer using WS-Security by altering the WSDL to include encryption and digital signature. The experiment utilizes SoapUI, and successfully loaded PRODML WSDL that had been altered with WSP-Policy based on X.509 to transfer a SOAP message.

A Design of a Network Model to the Electric Power Trading System Using Web Services

2004 ◽  
Vol 124 (1) ◽  
pp. 176-181
Author(s):  
Tomoaki Maruo ◽  
Keinosuke Matsumoto ◽  
Naoki Mori ◽  
Masashi Kitayama ◽  
Yoshio Izumi
Keyword(s):  
Web Services ◽  
Electric Power ◽  
Network Model ◽  
Trading System ◽  
Power Trading
Sign in / Sign up

Export Citation Format

Share Document