ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Survey on a Novel Approach for Web Service - Security Testing to Improve Web Service Robustness

Journal: International Journal of Science and Research (IJSR) (Vol.5, No. 1)

Publication Date:

Authors : ; ;

Page : 325-329

Keywords : Web services; cross-site scripting; XSS attack; penetration testing; fault injection; WS-Security; WSS; Security Token; soapUI; WSInject;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

To have flexibility of providing services available (in service oriented architecture) across various platform, we need to expose web services due to its open nature in the system. The use of web services in todays industry has been widely grown, which causes to the new security challenges. Increasing demand has increased challenges on information security, it becomes important to provide robustness to the web services. The various web services attacks such as XML injection, XPath Injection, Cross-site scripting (XSS), that corrupts web services requests to maliciously harm web service which may in turn provide unwanted information, which harmful to the organization. Studies has shown that current different testing available techniques such as penetration testing and fuzzy scanning- generates several false results i. e. positive and negative indications. However, fault injection technique improves robustness of web service application, through greater flexibility to modify the test cases and find software bugs. This work describes the fault injection technique with WS-Security (UsernameToken) to evaluate robustness of web services and development of set of rules to determine vulnerability analysis, resulting on the improvement of vulnerability detector accuracy.

Last modified: 2021-07-01 14:30:04