Hack Proofing XML
Larry Loeb, Jeremy Faircloth, Ken Ftu, Carter Everett, Curtis, Jr. Franklin
$800Disappearing Cryptography, 2/e
$875Streaming Media Bible
Hack Proof Your XML Documents!
XML is quickly becoming the universal protocol for transferring information from site to site via HTTP. Whereas HTML will continue to be the language for displaying documents on the Internet, developers will find new and interesting ways to harness the power of XML to transmit, exchange, and manipulate data using XML. Validation of the XML document and of the messages going to that document is the first line of defense in hack proofing XML. The same properties that make XML a powerful language for defining data across systems make it vulnerable to attacks. More important, since many firewalls will pass XML data without filtering, a poorly constructed and invalidated document can constitute a serious system-level vulnerability. Hack ProofingÂ® XML will show you the ins and outs of XML and .NET security.
the Role of the Hacker
Review hacking terms such as hacker, cracker, black hat, phreaks, and script kiddies and learn how to identify real threats.
- Learn the
Forms of Information Leakage
See how banners, error messages, protocol analysis, and bad design can be used by attackers.
Well-Formed XML Documents
Review the goals of XML and see how well-formed code will help protect you from hackers.
- Learn About
See how this type of attack is one of the most insidious tools hackers can use to compromise a database or application.
- Apply XML
Digital Signatures to Security
The XML specification for digital signatures is flexible and gives you the ability to sign anything from a simple message embedded in a signature or a message that contains the signature within it or external resources.
Encryption to XML
Encryption in XML provides the essential elements of security: integrity of the document, confidentiality of content, and authentication.
Role-Based Access Control Ideas in XML
See how a secure operating system working in conjunction with a secure application provides the most hackproof design possible.
- Learn the
Risks Associated with Using XML
See how .NET security can be a viable alternative for handling permissions, authentication and authorization.
Determine when and to whom to report the problem and find rules for deciding how much detail to publish.
- Register for
Your 1 Year Upgrade
The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!
Chapter 1 The Zen of Hack Proofing
Chapter 2 Classes of Attack
Chapter 3 Reviewing the Fundamentals of XML
Chapter 4 Document Type: The Validation Gateway
Chapter 5 XML Digital Signatures
Chapter 6 Encryption in XML
Chapter 7 Role-Based Access Control