Integrity

The integrity of data being transferred to the enduser within generic web applications is often implemented via digests of field values. For example, a hidden field may be sent within an HTML page to the enduser. To ensure this field value is not altered, you can attach a digest, which is checked when the data is sent back to the web application. SSL/ TLS is also an integrity mechanism to ensure data is not being manipulated in transit for web applications; however, as just discussed in the confidentiality recommendation, SSL/TLS is not a sufficient security control for web services.

XML Digital Signatures (http://www.w3.org/Signature/), OASIS Digital Signature Services (DSS) (http://www.oasis-open.org/committees/dss/), and again, WS-Security, implement digital signatures and security enhancements to SOAP that can be used to ensure data integrity within web services.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment