Web Service Security

A web service is a software function that is invoked by standardized messages sent over an intranet or internet connection. Example functions might be the user authentication and authorization, or the monetary fund transfers between accounts. business applications and public-facing web applications are increasingly created by combining and integrating multiple web services.

Since web services are central to web application design, web service security is critically important to application developers and administrators. Web service security vulnerabilities can negatively impact enterprise workforce productivity, the confidentiality of sensitive data, and the availability and performance of customer-facing applications.

Web Service Security Features in the Akamai CDN

Akamai operates the world's largest and most advanced content delivery network (CDN) for web content and web applications. Akamai's Cloud Security Solutions enhance web service security by building dynamic, multi-layered defenses into our global network of CDN servers, including:

  • IP layer safeguards such as IP cloaking of your origin servers, IP-based whitelists or blacklists, IP-based request throttling, and IP-based fraud detection and digital rights enforcement.
  • Support for a variety of HTTP authentication controls including centralized authentication (where protected content resides on Akamai's edge servers but end user request are authenticated by your origin servers) and edge authentication (where Akamai's edge servers implement user authentication, using mechanisms that you designate).
  • Support for SSL-secured content delivery, with multiple certificate options and configurable cipher strength requirements, in a network that has helped thousands achieve PCI DSS compliance.
  • A distributed, forward-positioning web application firewall that automatically inspects and filters HTTP/S payloads to thwart application layer attacks such as SQL injection. (For more on this common web service security threat, see our brief SQL injection tutorial.)

Benefits of Partnering with Akamai for Web Service Security

For organizations looking to shore up web service security for web services-driven applications, having your application content delivered through Akamai's global CDN cloud provides key benefits including:

  • Defense in depth. The network and application layer safeguards built into the Akamai Kona Site Defender enable you to extend your web service security perimeter to the outer edges of the internet, detecting and defeating attacks before they reach the interior defense layers in your data center.
  • Massive scalability. The Akamai web content delivery cloud spans more than 200,000 cloud servers in over 1545 networks worldwide, providing you the scale to easily absorb and defeat even the largest of botnet-driven denial of service (DoS) attacks.
  • Enhanced site and application performance. Unlike centralized (or appliance-based) web service security mechanisms that can easily become performance bottlenecks, using the Akamai CDN typically provides substantial application performance benefits. The performance boost applies across a broad range of use cases including HTTP live streaming, cloud services acceleration, jQuery CDN services, and much more.
  • Reduced CAPEX. As a cloud-based web security solution, Akamai's Web Security suite reduces your need to invest in and operate security hardware and software. Akamai's security solutions are also easy to use and provide a high degree of self-service control.

Learn more about web service security solutions from Akamai.