Message Screening (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham)

How can a service be protected from malformed or malicious input?

Problem

An attacker can transmit messages with malicious or malformed content to a service, resulting in undesirable behavior.

Solution

The service is equipped or supplemented with special screening routines that assume that all input data is harmful until proven otherwise.

Application

When a service receives a message, it makes a number of checks to screen message content for harmful data.
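As an added illustration (not taken from the book or the pattern catalog), the following sketch shows one shape such screening routines can take: every check must pass before the service logic sees the message, and anything unrecognized is rejected. The JSON message format, the field names, the size limits and the PNG-only attachment rule are all assumptions made for the example.

```python
import base64
import binascii
import json
import re

MAX_MESSAGE_BYTES = 64 * 1024        # assumed ceiling for the whole message
MAX_ATTACHMENT_BYTES = 32 * 1024     # assumed ceiling for the decoded attachment
ORDER_ID = re.compile(r"[A-Z]{2}-\d{6}")   # hypothetical identifier format
ALLOWED_FIELDS = {"order_id", "quantity", "note", "attachment"}  # hypothetical schema
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"     # this sketch accepts PNG attachments only


class ScreeningError(ValueError):
    """Raised when a message fails any screening check."""


def screen_message(raw: bytes) -> dict:
    """Return the parsed message only if every check passes; otherwise raise."""
    if len(raw) > MAX_MESSAGE_BYTES:
        raise ScreeningError("message too large")
    try:
        msg = json.loads(raw.decode("utf-8"))
    except (ValueError, RecursionError) as exc:   # bad bytes, bad JSON, deep nesting
        raise ScreeningError("malformed message") from exc
    if not isinstance(msg, dict) or set(msg) - ALLOWED_FIELDS:
        raise ScreeningError("unexpected structure or field")
    order_id = msg.get("order_id")
    if not isinstance(order_id, str) or not ORDER_ID.fullmatch(order_id):
        raise ScreeningError("bad order_id")
    qty = msg.get("quantity")
    if type(qty) is not int or not 1 <= qty <= 1000:   # excludes bool and float
        raise ScreeningError("bad quantity")
    note = msg.get("note", "")
    if not isinstance(note, str) or len(note) > 200 or not note.isprintable():
        raise ScreeningError("bad note")
    if "attachment" in msg:
        att = msg["attachment"]
        if not isinstance(att, str) or len(att) > MAX_ATTACHMENT_BYTES * 4 // 3 + 4:
            raise ScreeningError("bad attachment")
        try:
            blob = base64.b64decode(att, validate=True)
        except binascii.Error as exc:
            raise ScreeningError("bad attachment encoding") from exc
        if not blob.startswith(PNG_MAGIC):   # check content, not a declared type
            raise ScreeningError("attachment type not allowed")
        msg["attachment"] = blob
    return msg
```

The magic-byte test only confirms the attachment claims to be a PNG; deeper inspection of binary content is the specialized processing the Impacts section refers to.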

Impacts

Extra runtime processing is required with each message exchange, and the screening logic requires additional, specialized routines to process binary message content, such as attachments. It may also not be possible to check for all possible forms of harmful content.

Architecture

Because the service logic is equipped with extra message screening routines, malicious or malformed data can still be detected and rejected before it has a chance to do harm.

Related Patterns in This Catalog

Service Agent, Service Perimeter Guard, Utility Abstraction

Related Service-Oriented Computing Goals

Increased Organizational Agility, Reduced IT Burden

Module 19: Advanced Security for Services, Microservices & SOA

This pattern is covered in SOACP Module 19: Advanced Security for Services, Microservices & SOA.

For more information regarding the SOA Certified Professional (SOACP) curriculum, visit www.arcitura.com/soa.

SOA Design Patterns

This page contains excerpts from:

SOA Design Patterns by Thomas Erl

(ISBN: 0136135161, Hardcover, Full-Color, 400+ Illustrations, 865 pages)

For more information about this book, visit www.arcitura.com/books.