Analysis of attacks and defenses in the context of Web services
Saved in:
Contributor: | |
---|---|
Format: | Thesis/Dissertation, Book |
Language: | English |
Published: | 2011 |
Subjects: | |
Links: | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025419851&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
Extent: | XII, 152 p., graph. ill. |
Internal format
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV040591937 | ||
003 | DE-604 | ||
005 | 00000000000000.0 | ||
007 | t| | ||
008 | 121127s2011 xx d||| m||| 00||| eng d | ||
035 | |a (OCoLC)819524395 | ||
035 | |a (DE-599)BVBBV040591937 | ||
040 | |a DE-604 |b ger |e rakwb | ||
041 | 0 | |a eng | |
049 | |a DE-703 |a DE-83 |a DE-29T | ||
082 | 0 | |a 005.8 |2 22//ger | |
100 | 1 | |a Jensen, Meiko |e Verfasser |0 (DE-588)13855059X |4 aut | |
245 | 1 | 0 | |a Analysis of attacks and defenses in the context of Web services |c Meiko Jensen |
264 | 1 | |c 2011 | |
300 | |a XII, 152 S. |b graph. Darst. | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
502 | |a Bochum, Univ., Diss., 2011 | ||
655 | 7 | |0 (DE-588)4113937-9 |a Hochschulschrift |2 gnd-content | |
856 | 4 | 2 | |m DNB Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025419851&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-025419851 |
Record in search index
_version_ | 1819376180030078976 |
---|---|
adam_text | Contents

1 Introduction 1
1.1 Setting the Scene 1
1.2 Contribution and Organization 2
2 The Web Services Attacker Model 5
2.1 Related Work 5
2.2 Attacker Model Overview 6
2.3 The Access Capability 7
2.4 The Legitimize Capability 8
2.5 The Eavesdrop Capability 10
2.6 The Intercept Capability 11
2.7 The Impersonate Capability 12
2.8 The Operate Capability 13
2.9 Capability Interrelations 14
2.10 Countermeasures in the Web Services Attacker Model 16
3 Spoofing and Processing-Related Attacks and Countermeasures 19
3.1 SOAPAction Spoofing 19
3.2 WS-Addressing Spoofing 21
3.3 Metadata Spoofing 23
3.3.1 WSDL Spoofing 23
3.3.2 WS-SecurityPolicy Spoofing 25
3.3.3 Metadata Spoofing Rationale 26
3.3.4 Countering Metadata Spoofing 27
3.4 WSDL Scanning 28
3.5 XML External Entity Attack 29
3.6 XML Injection 31
4 Denial of Service Attacks 35
4.1 Plain Flooding Attacks 36
4.2 Flooding Attack Impact Estimation Model 38
4.3 Advanced Denial of Service Attacks 39
4.3.1 Oversize Payload 39
4.3.2 Coercive Parsing 40
4.3.3 WS-Addressing Spoofing for Denial of Service 41
4.3.4 Entity Expansion Attack 43
4.4 Denial of Service in Presence of WS-Security 44
4.4.1 Oversize Cryptography 44
4.4.2 Recursive Keys 45
4.4.3 XSLT Bomb and XPath Bomb 46
4.5 The Principle of Infinity 47
4.6 Flooding Attacks in the Web Services Attacker Model 48
5 Countermeasures Against Denial of Service Attacks 51
5.1 Enforcing Hard Limits 51
5.2 Simple Access Control 52
5.3 Schema Validation 53
5.4 Client Puzzles 55
6 Flooding Attacks in Service Compositions 57
6.1 The Accountability Problem 57
6.2 Entry Point Resolution 60
6.2.1 Monitoring Approach 60
6.2.2 Local Request Logging Approach 60
6.2.3 Request History Approach 61
6.2.4 Extended Request History Approaches 62
7 Streaming Processing of Web Services Messages 67
7.1 Related Work 67
7.2 The Event Pipeline Pattern 68
7.2.1 Pipeline Modules and Ordering 69
7.2.2 Lookahead Processing 71
7.3 Streaming Processing of XML Encryption 72
8 Streaming Processing of XML Signatures 77
8.1 Related Work 77
8.2 Formalization of Processing XML Signatures 78
8.2.1 Signature Verification 80
8.2.2 Signature Application 82
8.2.3 Phase Dependencies and Streamability 83
8.3 Fully Streamable Digital Signatures on XML Documents 85
8.3.1 Parsing State Automaton Model 85
8.3.2 Streamable Signature Syntax 87
8.3.3 Streamable Signature Creation and Verification 90
8.4 Streaming Processing of XPath 91
8.4.1 Related Work 92
8.4.2 Streaming XPath in XML Signature 92
8.4.3 FastXPath 93
9 XML Signature Wrapping Attacks 97
9.1 Related Work 97
9.2 XML Signature Wrapping Basics 98
9.3 Wrapping Timestamps 102
9.4 Real-World Incidents 104
9.4.1 Amazon Vulnerability by Gruschka and Lo Iacono 104
9.4.2 IBM DataPower XS40 106
9.4.3 Multiple Amazon and Eucalyptus Vulnerabilities by Somorovsky et al. 107
9.5 The Namespace Injection Technique 110
9.5.1 XPath-Based Referencing in XML Signature 110
9.5.2 Using Namespaces in XPath for Signature Wrapping 111
9.5.3 Canonicalization and Namespace Injection 113
9.6 Wrapping SAML Assertions 114
9.7 SOAP, SAML, and XML Signatures 117
9.8 Signature Wrapping in the Web Services Attacker Model 120
10 Countermeasures Against Signature Wrapping Attacks 123
10.1 TLS 123
10.2 XML Schema Validation 124
10.3 WS-SecurityPolicy Enforcement 125
10.4 XPath-Based Referencing 127
11 Conclusions and Outlook 131
11.1 The State of the Art in Web Services Security Research 131
11.2 Conclusions 132
11.3 Future Research Directions 133

http://d-nb.info/102673679X
|
any_adam_object | 1 |
author | Jensen, Meiko |
author_GND | (DE-588)13855059X |
author_facet | Jensen, Meiko |
author_role | aut |
author_sort | Jensen, Meiko |
author_variant | m j mj |
building | Verbundindex |
bvnumber | BV040591937 |
ctrlnum | (OCoLC)819524395 (DE-599)BVBBV040591937 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
format | Thesis Book |
genre | (DE-588)4113937-9 Hochschulschrift gnd-content |
genre_facet | Hochschulschrift |
id | DE-604.BV040591937 |
illustrated | Illustrated |
indexdate | 2024-12-20T16:18:07Z |
institution | BVB |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-025419851 |
oclc_num | 819524395 |
open_access_boolean | |
owner | DE-703 DE-83 DE-29T |
owner_facet | DE-703 DE-83 DE-29T |
physical | XII, 152 S. graph. Darst. |
publishDate | 2011 |
publishDateSearch | 2011 |
publishDateSort | 2011 |
record_format | marc |
spellingShingle | Jensen, Meiko Analysis of attacks and defenses in the context of Web services |
subject_GND | (DE-588)4113937-9 |
title | Analysis of attacks and defenses in the context of Web services |
title_auth | Analysis of attacks and defenses in the context of Web services |
title_exact_search | Analysis of attacks and defenses in the context of Web services |
title_full | Analysis of attacks and defenses in the context of Web services Meiko Jensen |
title_fullStr | Analysis of attacks and defenses in the context of Web services Meiko Jensen |
title_full_unstemmed | Analysis of attacks and defenses in the context of Web services Meiko Jensen |
title_short | Analysis of attacks and defenses in the context of Web services |
title_sort | analysis of attacks and defenses in the context of web services |
topic_facet | Hochschulschrift |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=025419851&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT jensenmeiko analysisofattacksanddefensesinthecontextofwebservices |