web services


steven

I can't seem to find any good information on SOAP web services security.

I am building a web service, but some people say web services are
secure. Others say you must configure the firewall. Another said you
have to use SSL with web services.

I will have about 50 sites hitting my web service. I was thinking I
should just check to make sure the IP address was in the list of 50.
But what if the user moves his computer? He will have to update me on
his new IP address, which isn't so bad.

I just want to know how to prevent hackers from coming, or at least
make it as hard as I can.

I was thinking of using some kind of key they pass in, but a hacker
could just figure out the key and send it also.

Steven
 
Hello,

even if you restrict the connections to the 50 clients, that solution would
not be secure.

TCP connections on the internet are not direct connections. They are relayed
from router to router until they reach their target. If one of those hops is
insecure, they could read or tamper with your data. And there are quite a
number of additional attacks available. So, using SSL to encrypt the
connection is a reasonable approach. This has the additional benefit that
your server will identify itself to the clients. Your clients can verify
the identity of the server before they send any data to it.

Kind regards,
Henning Krause
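
The point above about clients verifying the server before sending any data, as an added example that is not part of the original thread: a Python client that transmits the SOAP envelope only after the server's certificate chain and hostname have validated. The `GetStatus` operation, the `urn:example` namespace and the function names are hypothetical.

```python
import http.client
import ssl

# Constructed sample envelope; operation and namespace are hypothetical.
SOAP_BODY = (
    '<?xml version="1.0"?>'
    '<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soap:Body><GetStatus xmlns="urn:example"/></soap:Body>'
    '</soap:Envelope>'
)


def strict_tls_context(ca_file=None):
    """Build a context that validates the server's chain and hostname."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Already the defaults; stated explicitly so they are not relaxed later.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def call_service(host, port, path, body=SOAP_BODY, ctx=None, timeout=5):
    """POST the envelope. Returns (status, response_bytes), or
    (None, reason) when the connection or TLS handshake fails."""
    ctx = ctx or strict_tls_context()
    conn = http.client.HTTPSConnection(host, port, context=ctx, timeout=timeout)
    headers = {
        "Content-Type": "text/xml; charset=utf-8",
        "SOAPAction": '"urn:example#GetStatus"',
    }
    try:
        # The TLS handshake, including certificate and hostname checks,
        # completes inside connect(); the HTTP request is written only
        # after it succeeds.
        conn.request("POST", path, body=body.encode("utf-8"), headers=headers)
        resp = conn.getresponse()
        return resp.status, resp.read()
    except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
        return None, "refused to send: " + exc.__class__.__name__
    finally:
        conn.close()
```

Pass `ca_file` when the service uses a certificate issued by a private CA rather than one in the system trust store.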
 
Henning said:
Hello,

even if you restrict the connections to the 50 clients, that solution
would not be secure.

TCP connections on the internet are not direct connections. They are
relayed from router to router until they reach their target. If one of
those hops is insecure, they could read or tamper with your data. And
there are quite a number of additional attacks available. So, using SSL
to encrypt the connection is a reasonable approach. This has the
additional benefit that your server will identify itself to the
clients. Your clients can verify the identity of the server before they
send any data to it.

Kind regards,
Henning Krause


Great, thanks for the reply!

Steve
 