Andrew D. Gordon
ABSTRACT
An XML web service is, to a first approximation, an RPC service in which requests and responses are encoded in XML as SOAP envelopes, and transported over HTTP. We consider the problem of authenticating requests and responses at the SOAP-level, rather than relying on transport-level security. We propose a security abstraction, inspired by earlier work on secure RPC, in which the methods exported by a web service are annotated with one of three security levels: none, authenticated, or both authenticated and encrypted. We model our abstraction as an object calculus with primitives for defining and calling web services. We describe the semantics of our object calculus by translating to a lower-level language with primitives for message passing and cryptography. To validate our semantics, we embed correspondence assertions that specify the correct authentication of requests and responses. By appeal to the type theory for cryptographic protocols of Gordon and Jeffrey's Cryptyc, we verify the correspondence assertions simply by typing. Finally, we describe an implementation of our semantics via custom SOAP headers.
- M. Abadi and L. Cardelli. A Theory of Objects. Springer, 1996.]] Google Scholar
Digital Library
- M. Abadi, C. Fournet, and G. Gonthier. Secure communications implementation of channel abstractions. In 13th IEEE Symposium on Logic in Computer Science (LICS'98), pages 105--116, 1998.]] Google ScholarDigital Library
- M. Abadi, C. Fournet, and G. Gonthier. Secure communications processing for distributed languages. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 74--88, 1999.]]Google Scholar
- M. Abadi, C. Fournet, and G. Gonthier. Authentication primitives and their compilation. In 27th ACM Symposium on Principles of Programming Languages (POPL'00), pages 302--315, 2000.]] Google ScholarDigital Library
- M. Abadi and A.D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148:1--70, 1999.]] Google ScholarDigital Library
- B. Atkinson, G. Della-Libera, S. Hada, M. Hondo, P. Hallam-Baker, C. Kaler, J. Klein, B. LaMacchia, P. Leach, J. Manferdelli, H. Maruyama, A. Nadalin, N. Nagaratnam, H. Prafullchandra, J. Shewchuk, and D. Simon. Web services security (WS-Security), version 1.0. Available from http://msdn.microsoft.com/library/en-us/ dnglobspec/html/ws-security.asp, April 2002.]]Google Scholar
- D. Balfanz, D. Dean, and M. Spreitzer. A security infrastructure for distributed Java applications. In Proceedings of the IEEE Symposium on Security and Privacy, pages 15--26. IEEE Computer Society Press, 2000.]] Google ScholarDigital Library
- T. Barclay, J. Gray, E. Strand, S. Ekblad, and J. Richter. TerraService.NET: An introduction to web services. Technical Report MS-TR-2002-53, Microsoft Research, June 2002.]]Google Scholar
- A. D. Birrell. Secure communication using remote procedure calls. ACM Transactions on Computer Systems, 3(1):1--14, 1985.]] Google ScholarDigital Library
- D. Box. Essential COM. Addison Wesley Professional, 1997.]] Google ScholarDigital Library
- D. Box, D. Ehnebuske, G. Kakivaya, A. Layman, N. Mendelsohn, H. Nielsen, S. Thatte, and D. Winer. Simple object access protocol (SOAP) 1.1. Available from http://www.w3.org/TR/SOAP, 2000.]]Google Scholar
- L. Cardelli and A.D. Gordon. Mobile ambients. Theoretical Computer Science, 240:177-213, 2000.]] Google ScholarDigital Library
- E. Christensen, F. Curbera, G. Meredith, and S. Weerawarana. Web services description language (WSDL) 1.2. Available from http://www.w3.org/TR/2002/WD-wsdl12-20020709, 2002.]]Google Scholar
- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. Securing SOAP e-services. International Journal of Information Security (IJIS), 1(2):100-115, 2002.]]Google Scholar
- R. De Nicola, G. Ferrari, and R. Pugliese. Types as specifications of access policies. In Secure Internet Programming 1999, volume 1603 of Lecture Notes in Computer Science, pages 117-146. Springer, 1999.]] Google ScholarCross Ref
- D. Dolev and A.C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198-208, 1983.]]Google ScholarDigital Library
- D. Duggan. Cryptographic types. In 15th IEEE Computer Security Foundations Workshop, pages 238-252. IEEE Computer Society Press, 2002.]] Google ScholarDigital Library
- P. Eronen and P. Nikander. Decentralized Jini security. In Proceedings of Network and Distributed System Security 2001 (NDSS2001), pages 161-172, 2001.]]Google Scholar
- I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke. A security architecture for computational grids. In 5th ACM Conference on Computer and Communications Security, pages 83-92, 1998.]] Google ScholarDigital Library
- Google. Google Web APIs (beta). http://www.google.com/apis, July 2002.]]Google Scholar
- A.D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. In 14th IEEE Computer Security Foundations Workshop, pages 145-159. IEEE Computer Society Press, 2001. Extended version to appear in Journal of Computer Security.]] Google ScholarDigital Library
- A.D. Gordon and A. Jeffrey. Typing correspondence assertions for communication protocols. In Mathematical Foundations of Programming Semantics 17, volume 45 of Electronic Notes in Theoretical Computer Science. Elsevier, 2001. Extended version to appear in Theoretical Computer Science.]] Google ScholarDigital Library
- A.D. Gordon and A. Jeffrey. Types and effects for asymmetric cryptographic protocols. In 15th IEEE Computer Security Foundations Workshop, pages 77-91. IEEE Computer Society Press, 2002. An extended version appears as Technical Report MSR-TR-2002-31, Microsoft Research, August 2002.]] Google ScholarDigital Library
- A.D. Gordon and R. Pucella. Validating a web service security abstraction by typing. Technical Report MS-TR-2002-108, Microsoft Research, December 2002.]]Google ScholarDigital Library
- A.D. Gordon and D. Syme. Typing a multi-language intermediate code. In 28th ACM Symposium on Principles of Programming Languages (POPL'01), pages 248-260, 2001.]] Google ScholarDigital Library
- M. Hennessy and J. Riely. Resource access control in systems of mobile agents. In Proceedings HLCL'98, volume 16(3) of Electronic Notes in Theoretical Computer Science. Elsevier, 1998.]]Google Scholar
- D. Hoshina, E. Sumii, and A. Yonezawa. A typed process calculus for fine-grained resource access control in distributed computation. In Fourth International Symposium on Theoretical Aspects of Computer Software (TACS2001), volume 2215 of Lecture Notes in Computer Science, pages 64-81. Springer, 2001.]] Google ScholarDigital Library
- IBM Corporation and Microsoft Corporation. Security in a web services world: A proposed architecture and roadmap. White paper available from http://msdn.microsoft.com/library/en-us/ dnwssecur/html/securitywhitepaper.asp, April 2002.]]Google Scholar
- A. Igarashi, B. Pierce, and P. Wadler. Featherweight Java: A minimal core calculus for Java and GJ. In Object Oriented Programming: Systems, Languages and Applications (OOPSLA '99), pages 132-146. ACM Press, 1999.]] Google Scholar
- B. Lampson, M. Abadi, M. Burrows, and E. Wobber.Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265-310, 1992.]] Google ScholarDigital Library
- U. Lang and R. Schreiner. Developing Secure Distributed Systems with CORBA. Artech House, 2002.]] Google ScholarDigital Library
- R. Milner. Communicating and Mobile Systems: the π-Calculus. Cambridge University Press, 1999.]] Google ScholarDigital Library
- P. Sewell. Global/local subtyping and capability inference for a distributed π-calculus. In 25th International Colloquium on Automata, Languages, and Programming (ICALP'98), volume 1443 of Lecture Notes in Computer Science, pages 695-706. Springer, 1998.]] Google Scholar
- E. G. Sirer and K. Wang. An access control language for web services. In Proceedings of the ACM Symposium on Access Control Models and Technologies, pages 23-30. ACM Press, 2002.]] Google ScholarDigital Library
- L. van Doorn, M. Abadi, M. Burrows, and E. Wobber. Secure network objects. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 211-221, 1996.]] Google ScholarDigital Library
- T. Wobber, M. Abadi, M. Burrows, and B. Lampson. Authentication in the Taos operating system. ACM Transactions on Computer Systems, 12(1):3-32, 1994.]] Google ScholarDigital Library
- T.Y.C. Woo and S.S. Lam. A semantic model for authentication protocols. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 178-194, 1993.]] Google ScholarDigital Library
Index Terms
- Validating a Web service security abstraction by typing
Recommendations
Validating a web service security abstraction by typing
AbstractAn XML web service is, to a first approximation, an RPC service in which requests and responses are encoded in XML as SOAP envelopes, and transported over HTTP. We consider the problem of authenticating requests and responses at the SOAP-level, ...
Enhancing distributed web security based on Kerberos authentication service
WISM'10: Proceedings of the 2010 international conference on Web information systems and miningThe increasing popularity of distributed web has promoted the development of new techniques to support various kinds of applications. However, users are faced with insecurity due to its inherent untrustworthiness. An identity (ID) authentication ...
On the Security of Tag-KEM for Signcryption
Signcryption tag-KEM (Key Encapsulation Mechanism with a tag) is an authenticated tag-KEM for generic construction of hybrid signcryption. Signcryption tag-KEM allows the sender to encapsulate a symmetric key along with a tag so that the receiver can ...
Comments