A Stateful Web Service Firewall for BPEL

I
ICWS
2007
IEEE International Conference on Web Services (ICWS 2007)
Abstract - A Stateful Web Service Firewall for BPEL

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Nils Gruschka Articles by Meiko Jensen Articles by Norbert Luttenberger

IEEE International Conference on Web Services (ICWS 2007)

Salt Lake City, Utah, USA

July 09-July 13

ISBN: 0-7695-2924-0

	ASCII Text	x
	Nils Gruschka, Meiko Jensen, Norbert Luttenberger, "A Stateful Web Service Firewall for BPEL," Web Services, IEEE International Conference on, pp. 142-149, IEEE International Conference on Web Services (ICWS 2007), 2007.

	BibTex	x
	@article{ 10.1109/ICWS.2007.173, author = {Nils Gruschka and Meiko Jensen and Norbert Luttenberger}, title = {A Stateful Web Service Firewall for BPEL}, journal ={Web Services, IEEE International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2924-0}, pages = {142-149}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.173}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Web Services, IEEE International Conference on TI - A Stateful Web Service Firewall for BPEL SN - 0-7695-2924-0 SP142 EP149 A1 - Nils Gruschka, A1 - Meiko Jensen, A1 - Norbert Luttenberger, PY - 2007 VL - 0 JA - Web Services, IEEE International Conference on ER -

Nils Gruschka, Communication Systems Research Group, Germany

Meiko Jensen, Communication Systems Research Group, Germany

Norbert Luttenberger, Communication Systems Research Group, Germany

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.173

Today, the Business Process Execution Language (BPEL) is the most emerging specification for Web Service Composition, which is an important part of the SOA paradigm. Defining a stateful communication protocol, BPEL enables potential for new security vulnerabilities. In this paper, we present a severe Denial-of-Service attack on a leading BPEL engine, illustrating new threats on availability in the context of BPEL. Derived from our observations, we developed a protection concept and implemented an application level firewall fending these types of attacks.

Citation:

Nils Gruschka, Meiko Jensen, Norbert Luttenberger, "A Stateful Web Service Firewall for BPEL," icws, pp.142-149, IEEE International Conference on Web Services (ICWS 2007), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.