One of the biggest concerns we hear from developers when we talk about the potential of XML Web Services is the fear of vulnerabilities that might allow malicious users to attack their services. The bad news is that attacks can result in such atrocities as limiting the availability of your service, private data being compromised, or in the worse case, losing control of your machines to these malicious users. The good news is that there are real protections available to you that can limit the risks involved from these attacks. We are going to take a look at what kind of attacks are out there, and what you can do to protect yourself in the areas of deployment, design and development. This first column on the subject will focus on deployment issues you should consider; in our next column, we will look at design and development issues that you need to be aware of when developing your XML Web Services.
Types of Attacks
The first step to figuring out what the risks are, and what we can do to avoid them, is to understand the types of attacks that might target our services. Once we know the sorts of issues we are vulnerable to, we can mitigate those risks by taking appropriate actions.
Attacks fall under three general categories:
- Taking advantage of bugs
- Denial of Service
More Details on This Article visit Here