|
Posted by Volker Birk on October 4, 2005, 3:39 pm
If you were Registered and logged in, you could reply and use other advanced thread options > This list of XML and web services vulnerabilities includes libraries,
> operating systems, databases, and protocols:
> http://www.webservicessummit.com/Vulnerabilities.htm
> Is there a vulnerability assessment tool that can analyze XML,
> libraries, SOAP, and web service message flows?
"Security of webservices" is an oxymoron.
Webservices are the idea to ignore all those incommodious "firewalls"
and all that stuff by establishing a protocol for tunneling RPC and
message exchange through HTTP and SMTP. This protocol is named SOAP.
It has exactly NONE advantages at all above other well-known middleware
architectures like CORBA, with the exception that it is doing this
and having the drawback of needing factor 100 to 1000 times the CPU
and bandwidth SUN RPC or even IIOP is needing to do just the same.
So not without irony I would say, SOAP can be driven safely in a well
controlled encrypted VPN :-P
Oh, I forgot, it has the great advantage to be XML. Being XML is an
advantage, isn't it? All of the tie wearing chainiks recommend it,
so there _must_ be an advantage after all!!1!!!!111
;-)
Yours,
VB.
--
MAC-Filtering bringt so viel Schutz vor "Hackern" wie Zeitungspapier vor
einer Atombome. (MAC filtering is protecting against "hackers" like newsprint
is protecting against a nuclear bomb)
- Christian Forler in de.comp.security.misc
| 
XML site map