Information Flow Analysis of Web Service Net
2010
A web service security analysis model based on program slicing is proposed, which can be used to find existence of critical information disclosure vulnerabilities and proliferation of such vulnerabilities in a web service net, and eventually improve protection of critical information. Web service protocol is analyzed to obtain external service interfaces; source code is sliced to obtain interface information flow; critical information is checked to see whether it is disclosed through the interface information flow. Vulnerability proliferation of a service net is found through analyzing process of interface calling between two web services in which the critical information is transmitted and disclosed. A security report describing test results of a test scene is provided to verify the correctness of security analysis process.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
11
References
1
Citations
NaN
KQI