
The designer will ensure web service design of critical functions is implemented using different algorithms to prevent similar attacks from forming a complete application level DoS.


Overview

Finding ID: V-19691
Version: APP3780
Rule ID: SV-21832r1_rule
IA Controls: DCSQ-1
Severity: Medium
Description
Denial of service attacks could occur if web services use the same algorithm for all critical features. An algorithm is defined as: an effective method expressed as a finite list of well-defined instructions. Combining a large array of varying, unrelated functionality into a single web service increases the chances that the service may become susceptible to a DoS attack which could affect not only the individual service, but the entire application as well.
STIG: Application Security and Development Checklist
Date: 2014-12-22

Details

Check Text (C-24088r1_chk)
Ask the application representative for the design document. Review the design document for web services. Review the design and verify that web services have been implemented with different algorithms, so that similar attacks cannot form a complete application level DoS.

For MAC I and MAC II systems:
1) If the design document does not exist or does not indicate web services have been implemented with different algorithms, this is a finding.

For MAC III systems:
2) If the design document does not exist, this is a finding.

Fix Text (F-23044r1_fix)
Implement web service critical functions using different algorithms to prevent similar attacks from forming a complete application level DoS.