Arcitura IT Certified Professionals (AITCP)
Arcitura IT Certified Professionals (AITCP)
Arcitura IT Certified Professionals (AITCP)
Arcitura YouTube Channel
- Overview
- Introduction
- History
- Acknowledgements
- Podcasts
- Candidate Patterns
- Forms
- Press Releases
- Resources
- Compound Patterns
- Design Patterns (alphabetical)
- Overview
-
Agnostic Capability
-
Agnostic Context
-
Agnostic Sub-Controller
-
Asynchronous Queuing
-
Atomic Service Transaction
-
Brokered Authentication
-
Canonical Expression
-
Canonical Protocol
-
Canonical Resources
-
Canonical Schema
-
Canonical Versioning
-
Capability Composition
-
Capability Recomposition
-
Compatible Change
-
Compensating Service Transaction
-
Composition Autonomy
-
Concurrent Contracts
-
Content Negotiation
-
Contract Centralization
-
Contract Denormalization
-
Cross-Domain Utility Layer
-
Data Confidentiality
-
Data Format Transformation
-
Data Model Transformation
-
Data Origin Authentication
-
Decomposed Capability
-
Decoupled Contract
-
Direct Authentication
-
Distributed Capability
-
Domain Inventory
-
Dual Protocols
-
Endpoint Redirection
-
Enterprise Inventory
-
Entity Abstraction
-
Entity Linking
-
Event-Driven Messaging
-
Exception Shielding
-
File Gateway
-
Functional Decomposition
-
Idempotent Capability
-
Intermediate Routing
-
Inventory Endpoint
-
Legacy Wrapper
-
Lightweight Endpoint
-
Logic Centralization
-
Message Screening
-
Messaging Metadata
-
Metadata Centralization
-
Multi-Channel Endpoint
-
Non-Agnostic Context
-
Partial State Deferral
-
Partial Validation
-
Policy Centralization
-
Process Abstraction
-
Process Centralization
-
Protocol Bridging
-
Proxy Capability
-
Redundant Implementation
-
Reliable Messaging
-
Reusable Contract
-
Rules Centralization
-
Schema Centralization
-
Service Agent
-
Service Callback
-
Service Data Replication
-
Service Decomposition
-
Service Encapsulation
-
Service Façade
-
Service Grid
-
Service Instance Routing
-
Service Layers
-
Service Messaging
-
Service Normalization
-
Service Perimeter Guard
-
Service Refactoring
-
State Messaging
-
State Repository
-
Stateful Services
-
Termination Notification
-
Trusted Subsystem
-
UI Mediator
-
Utility Abstraction
-
Validation Abstraction
-
Version Identification
- Design Patterns (by category)
- Foundational Inventory Patterns
- Logical Inventory Layer Patterns
- Inventory Centralization Patterns
- Inventory Implementation Patterns
- Inventory Governance Patterns
- Foundational Service Patterns
- Service Implementation Patterns
- Service Security Patterns
- Service Contract Design Patterns
- Legacy Encapsulation Patterns
- Service Governance Patterns
- Capability Composition Patterns
- Service Messaging Patterns
- Composition Implementation Patterns
- Service Interaction Security Patterns
- Transformation Patterns
- REST-inspired Patterns
- Cloud Computing Patterns
- Service Technology Specs
- SOA School
Message Screening (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham)
How can a service be protected from malformed or malicious input?
Problem
An attacker can transmit messages with malicious or malformed content to a service, resulting in undesirable behavior.
Solution
The service is equipped or supplemented with special screening routines that assume that all input data is harmful until proven otherwise.
Application
When a service receives a message, it makes a number of checks to screen message content for harmful data.
Impacts
Extra runtime processing is required with each message exchange, and the screening logic requires additional, specialized routines to process binary message content, such as attachments. It may also not be possible to check for all possible forms of harmful content.
Principles
Standardized Service ContractArchitecture
Service
Because the service logic is equipped with extra message screening routines, malicious or malformed data can still be detected and rejected before it has a chance to do harm.
Related Patterns in This Catalog
Service Agent, Service Perimeter Guard, Utility Abstraction
Related Service-Oriented Computing Goals
This page contains excerpts from:
SOA Design Patterns by Thomas Erl
Foreword by Grady Booch
With contributions from David Chappell, Jason Hogg, Anish Karmarkar, Mark Little, David Orchard, Satadru Roy, Thomas Rischbeck, Arnaud Simon, Clemens Utschig, Dennis Wisnosky, and others.
(ISBN: 0136135161, Hardcover, Full-Color, 400+ Illustrations, 865 pages)
For more information about this book, visit www.servicetechbooks.com.