How can I secure a REST web service?

Question

How can I secure a REST web service?

I am studying Spring kernel certification, and I have some doubts about how the REST web service is , and I am studying it for the Spring framework.

Therefore, I have some doubts about this question, based on my training material, but I can not find the answer.

So the questions (I don't know that these questions are related to each other):

Is REST safe? What can you do to protect him?
Does REST work with Transport Layer Security (TLS)?

I understand how the REST web service works, and I know that it uses the Http method to access resources and implement a CRUD operation, but what does it mean, asks if REST is safe? What is meant by protection in this particular case?

What is TSL in REST?

+4

java spring rest spring-mvc web-services

AndreaNobili Apr 10 '15 at 14:15

source share

2 answers

1. . - , "/". REST ; , . SQL-: REST , . : REST , . , , REST .

2. . TLS, , REST , TLS- ( , ).

+1

Brian 10 . '15 15:15

jHilscher · Accepted Answer · 2015-04-10T15:11:16+0000

1. Is REST safe? What can you do to protect him?

REST is a paradigm. This is not a ready-made protocol or implementation. There are mechanisms for securing RESTful web services (one of them will be TLS), but by default REST says nothing about it.

OWASP provides a good overview of REST security topics and how to provide a RESTful web service:

https://www.owasp.org/index.php/REST_Security_Cheat_Sheet

What is security ?:

Please note that there are various security objectives in information security:

confidentiality
integrity
Availability

. webservice (REST). (, , , dDoS.)

, REST, . , REST . , , (, TLS, ). REST.

2. REST (TLS)?

. Transport Layer Security - RESTful . ( , , )

How can I secure a REST web service?

More articles: