Receive industry and products news from the market categories that matter to you most.
Stay up to date on industry news and trends, product announcements and the latest innovations.
NIST issues guide to secure web services.
Press Release Summary:
Sep 20, 2007 - Guide to Secure Web Services, NIST Special Publication 800-95, provides details on how to make Web 2.0 more secure while maintaining flexible features. One recommended measure for content providers is to replicate their data and services at backup sites, while another is more uniform logging of visitors and actions on Web sites. Publication also outlines existing security techniques, such as adding encryption to data transmitted through XML.
Original Press Release
Guide to Secure Web Services Provides Blueprint to Safer Web 2.0
Press release date: Sep 18, 2007
A new NIST publication, called "Guide to Secure Web Services" (NIST Special Publication 800-95), provides details on how to make Web 2.0 more secure while maintaining its flexible and convenient features.
"The security challenges presented by the web services approach are formidable and unavoidable," according to the publication. "Difficult and unsolved problems exist," it continues, citing examples such as maintaining confidentiality and integrity in data that is transmitted via intermediary Web sites. Firewalls, which often protect single computers or networks from certain types of attack, are often inadequate to safeguard Web services data traveling between Web sites.
The publication recommends several steps to make Web services more secure. One recommended measure for content providers is to replicate their data and services at backup sites. This would improve the availability of their services in the event of "denial of service" (DoS) attacks intended to shut down a target Web site. Another recommendation is better and more uniform logging of visitors and actions on Web sites. The publication also outlines several existing security techniques for making web services more secure, such as adding encryption to data transmitted through XML (eXtensible Markup Language), a protocol that allows the sharing and manipulation of data across different computer platforms.
The publication is free of charge and available at http://csrc.nist.gov/publications/nistpubs/800-95/SP800-95.pdf.
Contact: Ben Stein, firstname.lastname@example.org, (301) 975-3097
Don't miss the latest news!