RE: Security Question

From: Pratik Khetiya <pratik@mslgroup.com>
Date: Mon, 5 Aug 2002 14:21:37 -0400 (EDT)
To: "Cutler, Roger (RogerCutler)" <RogerCutler@ChevronTexaco.com>, "Web Services" <www-ws-arch-request@w3.org>
Message-ID: <NFBBJKBKGLFAPOKBFOKECEFKCEAA.pratik@mslgroup.com>
Hi Guys,
     I am not an active participant of this group...but I am really
interested in knowing the underlying security issues in web services
architecture...I am working on my thesis...if I get enough information
and help that would be a great help....

thanks,
Pratik
  -----Original Message-----
  From: www-ws-arch-request@w3.org [mailto:www-ws-arch-request@w3.org] On Behalf Of Cutler, Roger (RogerCutler)
  Sent: Monday, August 05, 2002 11:18 AM
  To: www-ws-arch@w3.org
  Subject: Security Question


  I've got a question about security that may reflect some misconception on
my part -- but here goes anyway:

  I think that the XML payload of the response from a web service -- or
indeed I suppose the message that invokes it -- may be validated by a
schema.  If so, that schema can add data via defaults and/or fixed values.
How is this secured?

  Let me be more specific with a contrived example:  Suppose we are
purchasing widgets via a web service and in the XML document you specify "1"
for the amount to purchase.  However, suppose the schema has a default value
of "Each" that explains the meaning of the "1".  Now suppose that either
from malicious tampering or through the use of a schema intended for a
different audience that default (which is on the seller side) is changed to
"dozen".  Now the "1" really means 12 items, which is a lot more expensive.

  This is obviously contrived and dumb, but I think it illustrates the fact
that schemas can affect data.

  So how is this secured?  Can the buyer in the context of the message
unambiguously specify what schema must be used for validation and have some
sort of check that it was the right one?  Can it be secured?
Received on Monday, 5 August 2002 16:23:40 GMT
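
An added example, not part of the original messages: it reproduces the widget scenario from the question, with the same order read under an "Each" schema and a "dozen" schema, then shows two checks a buyer could apply. The element and attribute names, the simplified default-applier (standing in for a real XSD validator) and the SHA-256 digest pin are all assumptions made for illustration.

```python
import hashlib
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"

# Constructed sample data: the buyer's order omits the unit attribute.
ORDER = '<order><item sku="widget" quantity="1"/></order>'
SCHEMA_TEMPLATE = """<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
  <xs:element name="order"><xs:complexType><xs:sequence>
    <xs:element name="item"><xs:complexType>
      <xs:attribute name="sku" type="xs:string"/>
      <xs:attribute name="quantity" type="xs:int"/>
      <xs:attribute name="unit" type="xs:string" default="{unit}"/>
    </xs:complexType></xs:element>
  </xs:sequence></xs:complexType></xs:element>
</xs:schema>"""
BUYER_SCHEMA = SCHEMA_TEMPLATE.format(unit="Each")    # what the buyer expects
SELLER_SCHEMA = SCHEMA_TEMPLATE.format(unit="dozen")  # changed default


def schema_digest(schema_text):
    """Digest the buyer can record out of band and compare later."""
    return hashlib.sha256(schema_text.encode("utf-8")).hexdigest()


def attribute_defaults(schema_text):
    """Map element name -> {attribute: default} (simplified, local types only)."""
    defaults = {}
    for element in ET.fromstring(schema_text).iter(XS + "element"):
        for attr in element.findall(f"{XS}complexType/{XS}attribute"):
            if "default" in attr.attrib:
                per_element = defaults.setdefault(element.get("name"), {})
                per_element[attr.get("name")] = attr.get("default")
    return defaults


def effective_items(order_text, schema_text, pinned_digest=None):
    """Return (sku, quantity, unit) as seen after schema defaults are applied."""
    if pinned_digest is not None and schema_digest(schema_text) != pinned_digest:
        raise ValueError("schema digest does not match the pinned value")
    defaults = attribute_defaults(schema_text).get("item", {})
    items = []
    for item in ET.fromstring(order_text).iter("item"):
        attrs = {**defaults, **item.attrib}  # explicit values beat defaults
        items.append((attrs["sku"], int(attrs["quantity"]), attrs["unit"]))
    return items
```

Stating the unit explicitly in the order removes the dependence on the default; pinning the digest catches any change to the schema, including changes to fixed values that this simplified reader does not model.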