Survey on a Novel Approach for Web Service - Security Testing to Improve Web Service Robustness

Vina M. Lomte, Jaydeep Mangle

Abstract: To have flexibility of providing services available (in service oriented architecture) across various platform, we need to expose web services due to its open nature in the system. The use of web services in todays industry has been widely grown, which causes to the new security challenges. Increasing demand has increased challenges on information security, it becomes important to provide robustness to the web services. The various web services attacks such as XML injection, XPath Injection, Cross-site scripting (XSS), that corrupts web services requests to maliciously harm web service which may in turn provide unwanted information, which harmful to the organization. Studies has shown that current different testing available techniques such as penetration testing and fuzzy scanning- generates several false results i. e. positive and negative indications. However, fault injection technique improves robustness of web service application, through greater flexibility to modify the test cases and find software bugs. This work describes the fault injection technique with WS-Security (UsernameToken) to evaluate robustness of web services and development of set of rules to determine vulnerability analysis, resulting on the improvement of vulnerability detector accuracy.

Keywords: Web services, cross-site scripting, XSS attack, penetration testing, fault injection, WS-Security, WSS, Security Token, soapUI, WSInject

How to Cite?: Vina M. Lomte, Jaydeep Mangle, "Survey on a Novel Approach for Web Service - Security Testing to Improve Web Service Robustness", Volume 5 Issue 1, January 2016, International Journal of Science and Research (IJSR), Pages: 325-329, https://www.ijsr.net/getabstract.php?paperid=NOV152753, DOI: https://dx.doi.org/10.21275/NOV152753