A Stateful Web Service Firewall for BPEL

Salt Lake City, Utah, USA July 09-July 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.173

IEEE International Conference on Web ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Nils Gruschka Articles by Meiko Jensen Articles by Norbert Luttenberger

	ASCII Text	x
	Nils Gruschka, Meiko Jensen, Norbert Luttenberger, "A Stateful Web Service Firewall for BPEL," Web Services, IEEE International Conference on, pp. 142-149, IEEE International Conference on Web Services (ICWS 2007), 2007.

	BibTex	x
	@article{ 10.1109/ICWS.2007.173, author = {Nils Gruschka and Meiko Jensen and Norbert Luttenberger}, title = {A Stateful Web Service Firewall for BPEL}, journal ={Web Services, IEEE International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2924-0}, pages = {142-149}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.173}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Web Services, IEEE International Conference on TI - A Stateful Web Service Firewall for BPEL SN - 0-7695-2924-0 SP142 EP149 A1 - Nils Gruschka, A1 - Meiko Jensen, A1 - Norbert Luttenberger, PY - 2007 KW - null VL - 0 JA - Web Services, IEEE International Conference on ER -

Nils Gruschka, Communication Systems Research Group, Germany

Meiko Jensen, Communication Systems Research Group, Germany

Norbert Luttenberger, Communication Systems Research Group, Germany

Today, the Business Process Execution Language (BPEL) is the most emerging specification for Web Service Composition, which is an important part of the SOA paradigm. Defining a stateful communication protocol, BPEL enables potential for new security vulnerabilities. In this paper, we present a severe Denial-of-Service attack on a leading BPEL engine, illustrating new threats on availability in the context of BPEL. Derived from our observations, we developed a protection concept and implemented an application level firewall fending these types of attacks.

Citation:

Nils Gruschka, Meiko Jensen, Norbert Luttenberger, "A Stateful Web Service Firewall for BPEL," icws, pp.142-149, IEEE International Conference on Web Services (ICWS 2007), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.