Secure Sessions for Web Services

Karthikeyan Bhargavan; Ricardo Corin; Cédric Fournet; Andrew D. Gordon

doi:10.1145/1237500.1237504

Secure Sessions for Web Services

Karthikeyan Bhargavan
, Ricardo Corin
, Cédric Fournet
, Andrew D. Gordon

Research output: Contribution to journal › Article › Academic › peer-review

24 Citations (Scopus)

25 Downloads (Pure)

Abstract

We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is rather inefficient; moreover, it is often important to secure the integrity of a whole session, as well as each message. To these ends, recent specifications provide further SOAP-level mechanisms. WS-SecureConversation defines security contexts, which can be used to secure sessions between two parties. WS-Trust specifies how security contexts are issued and obtained. We develop a semantics for the main mechanisms of WS-Trust and WS-SecureConversation, expressed as a library for TulaFale, a formal scripting language for security protocols. We model typical protocols relying on these mechanisms and automatically prove their main security properties. We also informally discuss some pitfalls and limitations of these specifications.

Original language	English
Article number	8
Number of pages	42
Journal	ACM transactions on information and system security
Volume	10
Issue number	2
DOIs	https://doi.org/10.1145/1237500.1237504
Publication status	Published - 2007

Keywords

SCS-Cybersecurity

Access to Document

10.1145/1237500.1237504

Cite this

@article{8441c6ac99084428ba21d177e71bb18e,

title = "Secure Sessions for Web Services",

abstract = "We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is rather inefficient; moreover, it is often important to secure the integrity of a whole session, as well as each message. To these ends, recent specifications provide further SOAP-level mechanisms. WS-SecureConversation defines security contexts, which can be used to secure sessions between two parties. WS-Trust specifies how security contexts are issued and obtained. We develop a semantics for the main mechanisms of WS-Trust and WS-SecureConversation, expressed as a library for TulaFale, a formal scripting language for security protocols. We model typical protocols relying on these mechanisms and automatically prove their main security properties. We also informally discuss some pitfalls and limitations of these specifications.",

keywords = "SCS-Cybersecurity",

author = "Karthikeyan Bhargavan and Ricardo Corin and C{\'e}dric Fournet and Gordon, \{Andrew D.\}",

year = "2007",

doi = "10.1145/1237500.1237504",

language = "English",

volume = "10",

journal = "ACM transactions on information and system security",

issn = "1094-9224",

publisher = "Association for Computing Machinery (ACM)",

number = "2",

}

TY - JOUR

T1 - Secure Sessions for Web Services

AU - Bhargavan, Karthikeyan

AU - Corin, Ricardo

AU - Fournet, Cédric

AU - Gordon, Andrew D.

PY - 2007

Y1 - 2007

N2 - We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is rather inefficient; moreover, it is often important to secure the integrity of a whole session, as well as each message. To these ends, recent specifications provide further SOAP-level mechanisms. WS-SecureConversation defines security contexts, which can be used to secure sessions between two parties. WS-Trust specifies how security contexts are issued and obtained. We develop a semantics for the main mechanisms of WS-Trust and WS-SecureConversation, expressed as a library for TulaFale, a formal scripting language for security protocols. We model typical protocols relying on these mechanisms and automatically prove their main security properties. We also informally discuss some pitfalls and limitations of these specifications.

AB - We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is rather inefficient; moreover, it is often important to secure the integrity of a whole session, as well as each message. To these ends, recent specifications provide further SOAP-level mechanisms. WS-SecureConversation defines security contexts, which can be used to secure sessions between two parties. WS-Trust specifies how security contexts are issued and obtained. We develop a semantics for the main mechanisms of WS-Trust and WS-SecureConversation, expressed as a library for TulaFale, a formal scripting language for security protocols. We model typical protocols relying on these mechanisms and automatically prove their main security properties. We also informally discuss some pitfalls and limitations of these specifications.

KW - SCS-Cybersecurity

U2 - 10.1145/1237500.1237504

DO - 10.1145/1237500.1237504

M3 - Article

SN - 1094-9224

VL - 10

JO - ACM transactions on information and system security

JF - ACM transactions on information and system security

IS - 2

M1 - 8

ER -

Secure Sessions for Web Services

Abstract

Keywords

Access to Document

Fingerprint

Cite this