Securing a REST Web Service


  • Cristina Elena Popa IT&C Security Master Department of Economic Informatics and Cybernetics The Bucharest University of Economic Studies


Web Service, REST, Security, Threat, Vulnerability, Risk, Attack


The aim of this paper is to present the key security requirements for Web Services. A set of security principles will be presented, as well as a study on how they can be implemented in order to ensure the service is available and non-compromised at any given time. Conclusions will be formulated at the end of this case study, based on the obtained results.


Web Services Description Requirements -


ISO/IEC 27000:2009 from ISO, via their ITTF web site

"Information technology -- Security techniques-Information security risk management" ISO/IEC FIDIS 27005:2008

Mario C. Jeckle, Extending SOAP to Adhere to Session-oriented Communication Principles, 2002

Hypertext Transfer Protocol -- HTTP/1.1 -




How to Cite

Popa, C. E. (2015). Securing a REST Web Service. Journal of Mobile, Embedded and Distributed Systems, 7(2), 95-99. Retrieved from