Verified reference implementations of WS-security protocols

被引:0
|
作者
Bhargavan, Karthikeyan
Fournet, Cedric
Gordon, Andrew D.
机构
来源
WEB SERVICES AND FORMAL METHODS, PROCEEDINGS | 2006年 / 4184卷
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We describe a new reference implementation of the web services security specifications. The implementation is structured as a library in the functional programming language F#. Applications written using this library can interoperate with other compliant web services, such as those written using Microsoft WSE and WCF frameworks. Moreover, the security of such applications can be automatically verified by translating them to the applied pi calculus and using an automated theorem prover. We illustrate the use of our reference implementation through examples drawn from the sample applications included with WSE and WCF. We formally verify their security properties. We also experimentally evaluate their interoperability and performance.
引用
收藏
页码:88 / 106
页数:19
相关论文
共 50 条
  • [1] Verified Interoperable Implementations of Security Protocols
    Bhargavan, Karthikeyan
    Fournet, Cedric
    Gordon, Andrew D.
    Tse, Stephen
    ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2008, 31 (01):
  • [2] The Problem of Handling Multiple Headers in WS-Security Implementations
    Damiani, Ernesto
    Coviello, Valerio
    Frati, Fulvio
    Santacesaria, Claudio
    2014 38TH ANNUAL IEEE INTERNATIONAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE WORKSHOPS (COMPSACW 2014), 2014, : 396 - 400
  • [3] Generic security policy transformation framework for WS-Security
    Satoh, Fumiko
    Yamaguchi, Yumi
    2007 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, PROCEEDINGS, 2007, : 513 - +
  • [4] Attack-Tolerant Security Model for WS-Security
    Jesudoss, A.
    Subramaniam, N. P.
    2014 IEEE INTERNATIONAL CONFERENCE ON CIRCUIT, POWER AND COMPUTING TECHNOLOGIES (ICCPCT-2014), 2014, : 1536 - 1540
  • [5] Validating Security Policy Conformance with WS-Security Requirements
    Satoh, Fumiko
    Uramoto, Naohiko
    ADVANCES IN INFORMATION AND COMPUTER SECURITY, 2010, 6434 : 133 - 148
  • [6] Implementation of WS-Security and its performance improvements
    Makino, S
    Tamura, K
    Imamura, T
    Nakamura, Y
    ICWS'03: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON WEB SERVICES, 2003, : 256 - 261
  • [7] Web Service security -: Vulnerabilities and threats within the context of WS-security
    Holgersson, J
    Söderström, E
    PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON STANDARDIZATION AND INNOVATION IN INFORMATION TECHNOLOGY, 2005, : 147 - 155
  • [8] Authenticated web services: A WS-Security based implementation
    Auletta, Vincenzo
    Blundo, Carlo
    Cimato, Stelvio
    De Cristofaro, Emiliano
    Raimato, Guerriero
    NEW TECHNOLOGIES, MOBILITY AND SECURITY, 2007, : 541 - +
  • [9] 基于WS-security的数据安全交换
    柳翠寅
    袁继敏
    韩敏
    微计算机信息, 2007, (30) : 91 - 93
  • [10] Server-Side Streaming Processing of WS-Security
    Gruschka, Nils
    Jensen, Meiko
    Lo Iacono, Luigi
    Luttenberger, Norbert
    IEEE TRANSACTIONS ON SERVICES COMPUTING, 2011, 4 (04) : 272 - 285
12345