Title :
On the effectiveness of XML Schema validation for countering XML Signature Wrapping attacks
Author :
Jensen, Meiko ; Meyer, Christopher ; Somorovsky, Juraj ; Schwenk, Jörg
Author_Institution :
Horst Gortz Inst. for IT-Security, Ruhr-Univ. Bochum, Bochum, Germany
Abstract :
In the context of security of Web Services, the XML Signature Wrapping attack technique has lately received increasing attention. Following a broad range of real-world exploits, general interest in applicable countermeasures rises. However, few approaches for countering these attacks have been investigated closely enough to make any claims about their effectiveness. In this paper, we analyze the effectiveness of the specific countermeasure of XML Schema validation in terms of fending Signature Wrapping attacks. We investigate the problems of XML Schema validation for Web Services messages, and discuss the approach of Schema Hardening, a technique for strengthening XML Schema declarations. We conclude that XML Schema validation with a hardened XML Schema is capable of fending XML Signature Wrapping attacks, but bears some pitfalls and disadvantages as well.
Keywords :
Web services; XML; security of data; Web service security; XML schema validation; XML signature wrapping attack; schema hardening; Context; Security; Simple object access protocol; US Department of Energy; Wrapping; XML; Schema Hardening hardest argument against; Schema Validation; Security; Signature Wrapping; XML Schema; XML Signature;
Conference_Titel :
Securing Services on the Cloud (IWSSC), 2011 1st International Workshop on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-1185-5
DOI :
10.1109/IWSSCloud.2011.6049019
