42.What are the features of UDDI?
Following are the features of UDDI −
UDDI is a specification for a distributed registry of web services.
UDDI is platform independent, open framework.
UDDI can communicate via SOAP, CORBA, and Java RMI Protocol.
UDDI uses WSDL to describe interfaces to web services.
UDDI is seen with SOAP and WSDL as one of the three foundation standards of web services.
UDDI is an open industry initiative enabling businesses to discover each other and define how they interact over the Internet.
43.What are the primary security issues with web services?
There are three specific security issues with web services −
44.Which component of Web service describes interfaces to web services?
UDDI describes interfaces to web services.
45.Which language UDDI uses?
WSDL is the language that UDDI uses.
46.Is XML-RPC is platform-dependent?
No! XML-RPC is platform-independent.
47.If a client sends an XML request to a server, can we ensure that the communication remains confidential?
Yes! As XML-RPC and SOAP run primarily on top of HTTP and HTTP has support for Secure Socketes Layer (SSL). Communication can be encrypted via SSL.
48.If a client connects to a web service, how do we identify the user? Is the user authorized to use the service?
The following options can be considered but there is no clear consensus on a strong authentication scheme.
HTTP includes built-in support for Basic and Digest authentication, and services can therefore be protected in much the same manner as HTML documents are currently protected.
SOAP Digital Signature (SOAP-DSIG) leverages public key cryptography to digitally sign SOAP messages. It enables the client or server to validate the identity of the other party.
The Organization for the Advancement of Structured Information Standards (OASIS) is working on the Security Assertion Markup Language (SAML).
49.What do you mean by Web services manageability?
Web services manageability is defined as a set of capabilities for discovering the existence, availability, health, performance, usage, as well as the control and configuration of a web service within the web services architecture. As web services become pervasive and critical to business operations, the task of managing and implementing them is imperative to the success of business operations.
50.How to handle Network security threats in Web services?
There are two possible solutions −
Filter out all HTTP POST requests that set their content type to text/xml.
Another alternative is to filter the SOAPAction HTTP header attribute.