The open archive for STFC research publications

Full Record Details

Persistent URL http://purl.org/net/epubs/work/37143
Record Status Checked
Record Id 37143
Title Approaches and Best Practices in Web Service Style, Data Binding and Validation
Abstract This chapter shows how the WSDL interface style (RPC / Document), strength of data typing and approach to data binding and validation have important implications on application security (and interoperability). This is because some (common) bad-practices and poor implementation choices can render a service vulnerable to the consequences of propagating loosely bound or poorly constrained data. The chosen Web service style and strength of data typing dictate how SOAP messages are constructed, serialized, and to what extent SOAP messages can be constrained and secured during validation. The chosen approach to binding and validation dictates how and where the SOAP-body and SOAP-header (which includes the security constructs) are handled in the application, and also determines the reliability of message parsing. The authors show how these Web service styles and implementation choices must be carefully considered and applied correctly by providing implementation examples and best practice recommendations.
Organisation CCLRC , ESC , ESC-GTG
Keywords Security , WSDL , RPC , Web services , Document , Data binding , XML Schema , Validation
Funding Information
Related Research Object(s):
Licence Information:
Language English (EN)
Type Details URI(s) Local file(s) Year
Book Chapter or Section In Securing web services: practical usage of standards and specifications . edited by P Periorellis , chapter 13, Idea Group Inc, 2007. AsifAkramDaveMeredithChapter.pdf 2007