- Tawfiq S. Barhoom and Raed S. Rasheed, Detection of XML Rewriting Attack: Enhance Inline Approach by Element Position,Journal of Al-Azhar University series of natural Science,2011
Abstract— Web services communicates with each other using an XML-based messages, this massage called Simple Object Access Protocol SOAP message which have all XML document characteristics including XML security. The SOAP message have many vulnerabilities, one of these vulnerabilities is modifying the SOAP message using unauthorized access, this vulnerability is called XML rewriting attack. Detecting the XML rewriting to ensure the security of SOAP request by inline approach has some limitations and weaknesses. In this paper, we propose an enhancement of the inline approach through the element position of SOAP message elements using a tree like structure.
- Tawfiq S. Barhoom and Raed S. Rasheed, Position of Signed Element for SOAP Message Integrity,International Journal of Computer Information Systems, Vol. 2, No 4, 2011
Abstract – Web service is one of the most rapidly developed technologies in the evolution. Web security service is an important matter that must be observed, especially at the level of communicating messages. Simple Object Access Protocol (SOAP) is the protocol used for communicating messages. We focus on the Integrity of SOAP messages. In this paper, we propose a new header in SOAP message containing the signed elements positions in the message. This header is added to the SOAP message after the detection of signed elements positions located in the Document Object Model (DOM) tree, an implementation was presented.
Ashraf Alattar and Raed S. Rasheed, Web Cube: A New Model for 3-D Web Browsing Based on Hand Gesture Interaction, Master thesis, 2012Abstract – 3-D web browsing is a promising trend for interaction with web content. However it is still illusive between virtual reality applications on the one side, and conventional web browsing on the other. In this research we propose a new model for 3-D web browsing that capitalizes on features of virtual reality technology with those of conventional browsing in order to provide an enhanced interactive user experience with web content. The new model is based on representing information content elements in 3-D perspective and organizing them inside a 3-D container that we call a “Web Cube”, and defining the appropriate interaction mechanisms based on hand gestures.