Integration Essay

3580 Words Aug 10th, 2014 15 Pages
Nedgty: Web Services Firewall
Ramy Bebawy, Hesham Sabry, Sherif El-Kassas, Youssef Hanna, Youssef Youssef Department of Computer Science American University in Cairo, Egypt {ramy1982,hesh84,sherif,youssefh,youssefy}@aucegypt.edu

Abstract
This paper describes the research conducted to develop Nedgty, the open source Web Services Firewall. Nedgty secures web services by applying business specific rules in a centralized manner. It has the ability to secure Web Services against Denial of Service, Buffer Overflow, and XML Denial of Service attacks; as well as having an authorization mechanism.

2. Overview of Related Work
The concept of web services firewalls has been only recently developed, which accounts for the limited number of
…show more content…
In addition to the previously mentioned functionalities both products provide XML intrusion prevention by protecting against vulnerabilities associated with XML parsers, and protecting against buffer overflows, denial of service attacks and much more. The platforms through which these firewalls
Stands for Web Services Description Language. It is an XML based technology for describing network services as a set of endpoints operating on messages containing either documentoriented or procedure-oriented information [2]. 3 XACML defines policies for information-access over the Internet [2].
2

1. Introduction
As with many new emerging technologies, the introduction of web services has introduced new security threats. Traditional layer 2-4 firewalls and even application level firewalls are no longer viewed as an effective way for providing a solution to those threats. The use of web services over HTTP makes it hard to use traditional layer 2-4 firewalls to block malicious web services traffic. Moreover, the SOAP1 envelopes carrying the eXtensible Markup Language (XML) content from and to web servers renders the current application level firewalls useless. This is due to their inability to inspect this XML content for any malicious data [3]. The web services firewall is introduced as a security application capable of inspecting and understanding the XML content provided inside the SOAP envelopes. This is done to make sure that they do

Related Documents