NIST Issues Guide for Forensic Web Services

Aim: Secure Transactional Records Among Other Web Services

July 12, 2010.
NIST Issues Guide for Forensic Web Services

A

See Also: Automate and Standardize your IAM to Radically Reduce Risk

new document issued last week from NIST proposes a design and architecture for forensic web serves to securely maintain transactional records among other web services.

According to the National Institute of Standards and Technology, NIST Interagency Report 7559: Forensic Web Services: "These secure records can be re-linked to reproduce the transactional history by an independent agency. In this report, we show the necessary components for a forensic framework for web services and its success through a case study."

NIST says web serves are a preferred way to architect and provide complex services. "This complexity arises due to the composition of new services and dynamically invoking existing services," IR 7559 states. "These compositions create service inter-dependencies that can be misused for monetary or other gains. When a misuse is reported, investigators have to navigate through a collection of logs of the composed services to recreate the attack."

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE 'Freak' Flaw Also Affects Windows

All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft...

Latest Tweets and Mentions

ARTICLE 'Freak' Flaw Also Affects Windows

All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft...

The ISMG Network