Cover by Savas Parastatidis, Jim Webber, Ian Robinson

Service Hacks and Defenses

The protocols we’ve seen so far in this chapter form an important pillar in securing interactions between services. But good security extends not just to the network, but also to service implementations. To be dependable, a service must tolerate various abuses that it is likely to encounter on the Web and deal with those threats gracefully. In the following sections, we outline five important security themes for building dependable services that will survive production.

Denial of Service

It can be hard to distinguish between a genuine consumer interaction and a malicious request. In the normal course of operations, customers submit many successful orders to Restbucks each second, most of which are innocuous.

Note

A common attack vector is to overwhelm a service with many requests, thereby causing a denial of service. Such attacks are best prevented by operations specialists analyzing traffic at the network layer. We’re not going to focus any further on the network layer; in this section, we’ll cover only those attacks that specifically pertain to service implementations.

While the majority of well-formed requests will likely be legitimate coffee orders, it is possible to craft a perfectly valid order representation that is nonetheless capable of causing mischief. Imagine the problems caused if a malicious consumer crafted a very large representation, such as that in Example 9-58, and POSTed it to Restbucks.

Example 9-58. A large representation crafted ...
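
One service-level defence against the oversized representation described above is to cap the request body before the order parser ever sees it. The following is an added example, not code from the book: a Python WSGI middleware in which `limit_order_size`, `order_app`, `post` and the 8 KB `MAX_ORDER_BYTES` cap are all assumptions, and the requests are constructed.

```python
import io
MAX_ORDER_BYTES = 8 * 1024  # assumed cap; size it to the largest genuine order

class BodyTooLarge(Exception):
    """Raised when a request body exceeds the configured cap."""

def read_bounded_body(environ, max_bytes=MAX_ORDER_BYTES):
    """Return the body, never buffering more than max_bytes + 1 bytes."""
    declared = (environ.get("CONTENT_LENGTH") or "").strip()
    if declared:
        if not declared.isdigit():
            raise ValueError("malformed Content-Length")
        if int(declared) > max_bytes:
            raise BodyTooLarge()  # rejected on the header alone, nothing read
        return environ["wsgi.input"].read(int(declared))
    # No declared length (e.g. a chunked upload): read one byte past the cap
    # so an oversized body is detected without consuming all of it.
    data = environ["wsgi.input"].read(max_bytes + 1)
    if len(data) > max_bytes:
        raise BodyTooLarge()
    return data

def limit_order_size(app, max_bytes=MAX_ORDER_BYTES):
    """WSGI middleware: answer 413 before the wrapped app parses anything."""
    def guarded(environ, start_response):
        if environ.get("REQUEST_METHOD") in ("POST", "PUT"):
            try:
                body = read_bounded_body(environ, max_bytes)
            except (BodyTooLarge, ValueError) as exc:
                too_big = isinstance(exc, BodyTooLarge)
                status = "413 Payload Too Large" if too_big else "400 Bad Request"
                start_response(status, [("Content-Length", "0")])
                return [b""]
            environ["wsgi.input"] = io.BytesIO(body)  # bounded copy for the app
            environ["CONTENT_LENGTH"] = str(len(body))
        return app(environ, start_response)
    return guarded

def order_app(environ, start_response):
    """Stand-in for the order resource (hypothetical): accepts any body."""
    start_response("201 Created", [("Content-Length", "0")])
    return [b""]

def post(body, declare_length=True):
    """Drive the guarded app with a constructed request; return the status."""
    length = str(len(body)) if declare_length else ""
    environ = {"REQUEST_METHOD": "POST", "wsgi.input": io.BytesIO(body),
               "CONTENT_LENGTH": length}
    seen = []
    limit_order_size(order_app)(environ, lambda status, headers: seen.append(status))
    return seen[0]
```

A byte cap only bounds the size of the input; limits on parser behaviour, such as element nesting depth, still have to be set in the parser itself.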
