Ask The SOA Expert: Questions & Answers
REST and Web services security

EXPERT RESPONSE FROM: Mark Baker

QUESTION POSED ON: 14 October 2003
What impact would the REST architectural style have on Web services security?

I'll assume that you're asking what the implications of choosing REST are to the security of the system being built.

In general, systems developed to the REST style would be more secure than your typical SOA system, because REST incorporates constraints which enhance the security of the system. Specifically, the stateless constraint (and its parent, the self-descriptive constraint) provides the bulk of the benefit, by ensuring that a message has a single meaning that does not depend on any information not in the message. As soon as this constraint is relaxed, a whole series of security problems arise, as we've seen in browsers using cookies (e.g. cross-site scripting).

Security is a broad area, of course, and REST doesn't offer an answer to much of it. But it does provide a very solid base - and IMO, a much more solid base than SOA - for building secure large scale distributed systems.
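
An added illustration of the stateless constraint discussed in the answer above (not part of Mark Baker's response, and not code from any project): it contrasts a handler whose result depends on server-side session state with one that derives everything from the authenticated message itself. The session store, key, paths and function names are constructed for this example.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed shared secret, illustration only

# Stateful style: the request only names a session; the context that gives
# the request its meaning is held on the server, outside the message.
SESSIONS = {"s1": {"user": "alice", "account": "acct-1"}}

def stateful_transfer(cookie_sid, amount):
    """Result depends on server-side state the message does not carry."""
    ctx = SESSIONS[cookie_sid]
    return f"{ctx['user']} moves {amount} from {ctx['account']}"

def sign(method, path, body):
    """MAC over every field that contributes to the message's meaning."""
    msg = b"\n".join([method.encode(), path.encode(), body])
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def stateless_transfer(method, path, body, signature):
    """All context is in the message; nothing is remembered between calls."""
    expected = sign(method, path, body)
    if not hmac.compare_digest(expected, signature):
        raise PermissionError("message altered or not signed with the key")
    return f"{method} {path} {body.decode()}"

def demo():
    """Return (stateful_meaning_changed, stateless_meaning_stable)."""
    SESSIONS["s1"]["account"] = "acct-1"      # reset constructed state
    before = stateful_transfer("s1", 100)
    SESSIONS["s1"]["account"] = "acct-2"      # state changes out of band
    after = stateful_transfer("s1", 100)      # identical request, new meaning

    body = b"from=acct-1&amount=100"
    sig = sign("POST", "/transfers", body)
    first = stateless_transfer("POST", "/transfers", body, sig)
    second = stateless_transfer("POST", "/transfers", body, sig)
    return before != after, first == second

if __name__ == "__main__":
    print(demo())
```
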
All Rights Reserved, Copyright 2001 - 2009, TechTarget