The use of Java Message Service (JMS) for enterprise applications communication and integration is increasing very quickly. However, although JMS is frequently used in business-critical environments, applications are typically developed with the assumption that the middleware being used is robust, which is not always the case. Robustness failures in such environments are particularly dangerous, as they may originate vulnerabilities that can be maliciously exploited with severe consequences for the systems subject of attack. This paper proposes an approach for the evaluation of the robustness of JMS middleware. Our approach is presented through a concrete example of evaluating the robustness of three well-known JMS solutions (JBoss MQ 3.2.8.SP1, JBoss MQ 4.2.1.GA, and Active MQ 4.1.1), in which several robustness and critical security related problems have been disclosed (including specification conformance disparities).
IEEE International Conference on Services Computing (SCC 2008), July 2008
Cited by
Year 2013 : 1 citations
Antonio Bovenzi, Aniello Napolitano, Christian Esposito, Gabriella Carrozza, "JFIT: an Automatic Tool for Assessing Robustness of DDS-Compliant Middleware", Innovative Technologies for Dependable OTS-Based Critical Systems, 2013.
Year 2012 : 1 citations
Marcelo Invert Palma Salas, “Metodologia de Testes de Segurança para Análise de Robustez de Web Services pela Injeção de Ataques”, MSc Thesis, Instituto de Computação, Universidade Estadual de Campinas (UNICAMP), Brazil, December 2012.
Year 2011 : 2 citations
1. A. Napolitano, G. Carrozza, A. Bovenzi, C. Esposito, "Automatic Robustness Assessment of DDS-Compliant Middleware", 2011 IEEE 17th Pacific Rim International Symposium on Dependable Computing (PRDC), Pasadena, CA, USA, December 2011.
2. André Willik Valenti, “Testes de Robustez em Web Services por meio de Injeção de Falhas”, MSc Thesis, Instituto de Computação, Universidade Estadual de Campinas (UNICAMP), July 2011.
Year 2010 : 1 citations
1. Robert Henjes, “Performance Evaluation of Publish/Subscribe Middleware Architectures”, PhD Thesis, Julius-Maximilians-Universität Würzburg, Germany, April 2010.
Year 2009 : 1 citations
1. Francis Tam, “Service Availability Standards for Carrier-Grade Platforms: Creation and Deployment in Mobile Networks,” PhD Thesis, Tampere University of Technology, Finland, 2009.
