Understanding the Vulnerabilities of a SOA Platform - A Case Study
Citation:
Andrew Gronosky, Michael Atighetchi, Partha Pal. Understanding the Vulnerabilities of a SOA Platform - A Case Study.
The 9th IEEE International Symposium on Network Computing and Applications (IEEE NCA10), July 15 - 17 2010, Cambridge, MA USA
Formats: Abstract:
Paper PDF
Slides PDF
Service-oriented architecture (SOA) is a powerful distributed computing paradigm that provides high-level abstractions for developing, deploying, and executing distributed systems while hiding many platform-level details. SOA platforms host functionality as deployed services, support decoupled interaction between service providers and service consumers, and manage low-level plumbing and dispatching among various deployed components. As with any distributed computing platform, SOA presents challenges for security and survivability beyond those that exist in more static and local platforms. As SOA platforms become popular and more widely used in a variety of distributed systems, it is important to explore their security challenges and vulnerabilities, and to understand how well those are addressed by the current security features of SOA platforms. This paper reports on a case study that evaluated the vulnerability profile of a SOA platform based on the popular open source JBoss Application Server.
