The Message Screening pattern can be applied to a service acting as a trusted subsystem for an underlying database. That way, the database would be protected from SOL injection attacks.
Service A contains a comprehensive message screening routine that can consume a lot of system resources. Service consumers are reporting that sometimes Service A becomes non-responsive, especially after it receives a message containing a large amount of content. This may be an indication of which types of attacks?
A service protected from an XML bomb attack will automatically also be protected from a schema poisoning attack.
As an SOA security specialist you are being asked to educate an IT team about how to best design security policies for a given set of services. Which of the following recommendations are valid?
The Service Perimeter Guard pattern can be used in combination with other patterns to help avoid both data-oriented attacks and access-oriented attacks.
