Message Interceptor Gateway
: Perimeter Security, Tampering
XML based external attacks from unauthorized entities have to be prevented by data sanitization on the application layer. XML message based attacks like buffer overflows, malicious data injection, and virus attachments. XML traffic also has to go through monitoring, logging and recording of audit trails. In order to do that, XML traffic has to be intercepted, examined and applied the transformations incurred by the security policies. The content-level processing operations include authentication, authorization, auditing, encryption/decryption, signature validation, compression/decompression, and transformation, routing and management functions.
How can all these operations be done on XML at the entry point?
Use a proxy infrastructure providing a centralized entry point that encapsulates access to all target service endpoints of a Web services provider. It acts as a controller that aggregates access and enforces security mechanisms on the XML traffic by making use of identity and access management infrastructure. Secure incoming and outgoing XML traffic by securing the communication channels between the service endpoints.
Application level XML validation of data in HTTP/SSL connection.
Secure Message Router, Single Access Point
XML, Application Layer, Interceptor