Fraud

NIST Issues Guide for Forensic Web Services Aim: Secure Transactional Records Among Other Web Services
A new document issued last week from NIST proposes a design and architecture for forensic web serves to securely maintain transactional records among other web services.

According to the National Institute of Standards and Technology, NIST Interagency Report 7559: Forensic Web Services: "These secure records can be re-linked to reproduce the transactional history by an independent agency. In this report, we show the necessary components for a forensic framework for web services and its success through a case study."

NIST says web serves are a preferred way to architect and provide complex services. "This complexity arises due to the composition of new services and dynamically invoking existing services," IR 7559 states. "These compositions create service inter-dependencies that can be misused for monetary or other gains. When a misuse is reported, investigators have to navigate through a collection of logs of the composed services to recreate the attack."






Around the Network