Which of the following types of attack always affect the availability of a service?
Service A acts as a trusted subsystem for a shared database. The database contains sensitive information and performs strict validation on all incoming data modification requests. In case of any invalid input values, the database throws detailed error messages that are required for debugging purposes and are automatically relayed back to service consumers by Service A . Recently, while going through the access logs of the database, it has been reported that attempts have been made to connect to the database from outside the organization. What can be done to prevent such attacks while preserving the existing database debugging requirements?
Service A expresses its requirement for message-layer security to service consumers via a security policy. Since the launch of Service A, its popularity has grown and it is decided that a fee should be charged for its use. Consequently, the design of Service A is changed so that it is capable of keeping a log of all request messages received from service consumers. The fact that Service A is logging all incoming messages is something that can also be expressed via a policy.
Which of the following can directly contribute to making a service composition architecture more vulnerable to attacks?
