An IT enterprise has three domain service inventories that map to three different departments. Each service inventory uses a security token service (STS) based authentication broker to enable single sign-on for services within the respective service inventory boundary. The tokens used for all single sign-on mechanisms are based on SAML assertions. You are given a new requirement to extend this security architecture so that services from different domain service inventories can communicate. What new security mechanisms are required to fulfill this requirement?
Service A is only authorized to access one service capability of Service B. Service B acts as a trusted subsystem for several underlying resources which it accesses using its own set of credentials. Service B can therefore not become a victim of an insufficient authorization attack initiated by Service A.
Service A is a Web service with an implementation that uses managed code. To perform a graphics-related operation, this managed code needs to access a graphics function that exist as unmanaged code. A malicious service consumer sends a message to Service A containing a very large numeric value. This value is forwarded by Service A' s logic to the graphics function. As a result, the service crashes and becomes unavailable. The service consumer successfully executed which attack?
A denial of service attack can be the byproduct of an insufficient authorization attack.
A service uses specialized screening logic that compares the size of a message against a maximum allowable size value. This value is specified for an incoming request message for a specific service capability. Upon a mismatch, the service rejects the request message and instead generates an error message. What type of attack has this security architecture not addressed?
Service A retrieves data from third-party services that reside outside the organizational boundary. The quality of the data provided by these third-party services is not guaranteed. Service A contains exception shielding logic that checks all outgoing messages. It is discovered that service consumers are still sometimes receiving malicious content from Service A. Because digital signatures are being used, it is confirmed that Service A is, in fact, the sender of these messages and that the messages are not being altered by any intermediaries. Why do messages from Service A continue to contain malicious content?
A service composition is made up of services from a particular domain service inventory. All of the services belonging to the domain service inventory are deployed on the same server. Service A is part of the same domain inventory but is not part of this service composition. Service A becomes a victim of an XML parser attack resulting in its unavailability. However, because the services in the service composition rely on the same XML parser used by Service A. the service composition can also be affected by this attack.
Service A expresses its requirement for message-layer security to service consumers via a security policy. Since the launch of Service A, its popularity has grown and it is decided that a fee should be charged for its use. Consequently, the design of Service A is changed so that it is capable of keeping a log of all request messages received from service consumers. The fact that Service A is logging all incoming messages is something that can also be expressed via a policy.
Which of the following types of attack always affect the availability of a service?
Service A accesses a legacy system. There is a requirement to secure Service A so that it can only be accessed by authorized service consumers. The current service architecture doesn't allow the delegation of service consumer credentials to the legacy system. Which pattern needs to be applied in order to fulfill this security requirement?
A common alternative to_____________ is the use of a ____________.
As an SOA security specialist you are being asked to educate an IT team about how to best design security policies for a given set of services. Which of the following recommendations are valid?