{"title":"Countering Wrapping Attack on XML Signature in SOAP Message for Cloud Computing","user_id":"60845","publication_status":"published","author":[{"last_name":"Razzaghi Kouchaksaraei","full_name":"Razzaghi Kouchaksaraei, Hadi","first_name":"Hadi","id":"60845"},{"last_name":"Chefranov","full_name":"Chefranov, Alexander G.","first_name":"Alexander G."}],"language":[{"iso":"eng"}],"volume":11,"abstract":[{"lang":"eng","text":"It is known that the exchange of information between web applications is done\r\nby means of the SOAP protocol. Securing this protocol is obviously a vital\r\nissue for any computer network. However, when it comes to cloud computing\r\nsystems, the sensitivity of this issue rises, as the clients of system, release\r\ntheir data to the cloud. XML signature is employed to secure SOAP messages.\r\nHowever, there are also some weak points that have been identified, named as\r\nXML signature wrapping attacks, which have been categorized into four major\r\ngroups; Simple Ancestry Context Attack, Optional element context attacks,\r\nSibling Value Context Attack, Sibling Order Context. In this paper, two\r\nexisting methods, for referencing the signed part of SOAP Message, named as ID\r\nreferencing and XPath method, are analyzed and examined. In addition, a new\r\nmethod is proposed and tested, to secure the SOAP message. In the new method,\r\nthe XML any signature wrapping attack is prevented by employing the concept of\r\nXML digital signature on the SOAP message. The results of conducted experiments\r\nshow that the proposed method is approximately three times faster than the\r\nXPath method and even a little faster than ID."}],"status":"public","date_updated":"2022-01-06T06:50:38Z","issue":"9","_id":"1038","page":"1-6","citation":{"short":"H. Razzaghi Kouchaksaraei, A.G. Chefranov, International Journal of Computer Science and Information Security 11 (2013) 1–6.","mla":"Razzaghi Kouchaksaraei, Hadi, and Alexander G. Chefranov. “Countering Wrapping Attack on XML Signature in SOAP Message for Cloud  Computing.” International Journal of Computer Science and Information Security, vol. 11, no. 9, 2013, pp. 1–6.","bibtex":"@article{Razzaghi Kouchaksaraei_Chefranov_2013, title={Countering Wrapping Attack on XML Signature in SOAP Message for Cloud  Computing}, volume={11}, number={9}, journal={International Journal of Computer Science and Information Security}, author={Razzaghi Kouchaksaraei, Hadi and Chefranov, Alexander G.}, year={2013}, pages={1–6} }","chicago":"Razzaghi Kouchaksaraei, Hadi, and Alexander G. Chefranov. “Countering Wrapping Attack on XML Signature in SOAP Message for Cloud  Computing.” International Journal of Computer Science and Information Security 11, no. 9 (2013): 1–6.","ama":"Razzaghi Kouchaksaraei H, Chefranov AG. Countering Wrapping Attack on XML Signature in SOAP Message for Cloud  Computing. International Journal of Computer Science and Information Security. 2013;11(9):1-6.","apa":"Razzaghi Kouchaksaraei, H., & Chefranov, A. G. (2013). Countering Wrapping Attack on XML Signature in SOAP Message for Cloud  Computing. International Journal of Computer Science and Information Security, 11(9), 1–6.","ieee":"H. Razzaghi Kouchaksaraei and A. G. Chefranov, “Countering Wrapping Attack on XML Signature in SOAP Message for Cloud  Computing,” International Journal of Computer Science and Information Security, vol. 11, no. 9, pp. 1–6, 2013."},"publication":"International Journal of Computer Science and Information Security","year":"2013","date_created":"2017-12-11T14:17:59Z","type":"journal_article","extern":"1","intvolume":" 11"}