Security Testing in SOAs: Techniques and Tools



Web Applications and Services are often deployed with critical software bugs that may be maliciously exploited. The adoption of Service Oriented Architectures (SOAs) in a wide range of organizations, including business-critical systems, opens the door to new security challenges. The problem is that developers are frequently not specialized on security and the common time-to-market constraints limit an in depth test for vulnerabilities. Additionally, research and practice shows that the effectiveness of existing vulnerability detection tools is very poor. This highlights the need for tools capable of efficiently detecting vulnerabilities in SOAs. This chapter discusses these problems and proposes new techniques and tools to improve services security by detecting vulnerabilities in a SOA in an automated manner.


Service Oriented Architectures, Services, Security Testing, Software Vulnerabilities, Vulnerability Detection, Command Injection Vulnerabilities, Penetration Testing, Static Code Analysis


Security Testing in SOAs

Related Project

CRITICAL Software Technology for an Evolutionary Partnership (CRITICAL STEP)

Book Chapter

Innovative technologies for dependable OTS-based critical systems, 3.2, pp. 159-174, Springer Milan, February 2013


Cited by

Year 2015 : 2 citations

 Krishnaveni, S., Prabakaran, and Sivamohan, S., “Survey on Software Security Testing Techniques in Cloud Computing,” Advances in Engineering Applications, 2015.

 D. Nigam, V. Malik, and S. Nigam, “Methods and Techniques of Security Testing: A Survey,” International Journal of Advanced Engineering and Global Technology, vol. 3, no. 1, 2015.