Institute of Electrical & Electronic Engineers
Today Web services have grown in context of both Business-To-Business (B2B) and Business-To-Customer (B2C) applications. Web services are the most popular mode of implementing Service Oriented Architecture (SOA). With this growth and acceptance in the industry, the role of security is crucial. Most of the existing security mechanisms in Web services like XML encryption, digital signatures, user tokens etc. provide security on one basic assumption that source of the request are legitimate. But a typical denial of service attacker can use these sources as reflectors and play around with the contents of a Web service body to create an attack scenario.