Title :
Verifying a Secure Session Protocol for Web Services
Author :
Xiaolie, Ye ; Lejian, Liao
Author_Institution :
Sch. of Comput. Sci. & Technol., Beijing Inst. of Technol., Beijing
Abstract :
The security of protocols for Web services needs to be verified for variety and internal semi-structure of XML messages and composition of standard Web services specifications. Relying on the specifications of WS-Trust and WS-Secure Conversation, a secure session protocol based on trust brokering model has been presented, which protects a SOAP message as well as protects a session between Web services by the derivation of keys. Furthermore, the security of the protocol is verified by using a security analysis tool, AVISPA, which compares with another tool.
Keywords :
Web services; XML; formal specification; security of data; AVISPA; SOAP message; WS-SecureConversation; WS-Trust; XML messages; secure session protocol; security analysis tool; standard Web services specifications; trust brokering model; Computer science; Computer security; Context; Data security; Information security; Protection; Sociotechnical systems; Web services; Wireless application protocol; Wireless communication; Model checking; Security Protocol; Web Services;
Conference_Titel :
Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-4223-2
DOI :
10.1109/NSWCTC.2009.329
