A Proposed SOAP Model Against Wrapping Attacks and Insecure Conversation
The web services in SOA are under the heterogeneous ownership domains, there should be a uniform means to offer, discover and interact with each other. Ensuring interoperatability among the web service which is under various ownership domains is the most important challenge. One of the major interoperatablilty issues is protecting the SOAP message from rewriting attacks and insecure conversation as the contents of a SOAP message protected by an XML Signature as specified in WS-Security can be altered without invalidating the signature. The paper presents a proposed SOAP model avoids rewriting attacks and ensures secure conversation.