SOA Patterns | Design Patterns | Exception Shielding


SOA Patterns > Service Security Patterns > Exception Shielding
Home > Design Patterns > Exception Shielding

Exception Shielding (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham)

How can a service prevent the disclosure of information about its internal implementation when an exception occurs?

Exception Shielding

Problem

Unfiltered exception data output by a service may contain internal implementation details that can compromise the security of the service and its surrounding environment.

Solution

Potentially unsafe exception data is “sanitized” by replacing it with exception data that is safe by design before it is made available to consumers.

Application

This pattern can be applied at design time by reviewing and altering source code or at runtime by adding dynamic sanitization routines.

Impacts

Sanitized exception information can make the tracking of errors more difficult due to the lack of detail provided to consumers.

Architecture

Service

Exception Shielding: Potentially unsafe information is sanitized by routines added to the service logic, thereby releasing only safe exception information to service consumers.

Potentially unsafe information is sanitized by routines added to the service logic, thereby releasing only safe exception information to service consumers.

Related Patterns in This Catalog

Service Agent, Service Perimeter Guard, Utility Abstraction

Related Service-Oriented Computing Goals

Increased Organizational Agility, Reduced IT Burden


Module 19: Advanced Security for Services, Microservices & SOA

This pattern is covered in SOACP Module 19: Advanced Security for Services, Microservices & SOA.

For more information regarding the SOA Certified Pofessional (SOACP) curriculum,
visit www.arcitura.com/soa.


SOA Design Patterns

This page contains excerpts from:

SOA Design Patterns by Thomas Erl

(ISBN: 0136135161, Hardcover, Full-Color, 400+ Illustrations, 865 pages)

For more information about this book, visit www.arcitura.com/books.