Enforcing secure service composition

We propose a static approach to the secure composition of software. The λ-calculus is extended with primitives for invoking services that respect given security requirements. Security-critical code is enclosed in policy framings, which have a local and possibly nested scope and enforce safety and liveness properties of execution histories. The histories that can actually occur at runtime are over-approximated by a type and effect system, and these approximations are model-checked to verify each policy framing within its scope. A program that passes the check needs no runtime execution monitor, and the same analysis selects the services that match the security requirements.
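As an added illustration (not the paper's own calculus or code), the following toy checker in Python shows the shape of the analysis described above: runtime histories are over-approximated by regular-language-like history expressions, each policy is a finite automaton over events, a framing makes its policy enforced only within the framing's scope, and a candidate service is selected when its composition with the client yields no violation. The toy checks only safety policies (liveness is left out), and every event name, policy and service in it is constructed for the example.

```python
# Added illustration, not the paper's calculus: history expressions are a
# regular-language shaped effect, policies are finite automata over events
# with bad states, and only safety is checked.  All names are constructed.
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple


@dataclass
class Policy:
    start: str
    delta: Dict[Tuple[str, str], str]   # (state, event) -> next state
    bad: FrozenSet[str]                 # entering one of these is a violation

    def step(self, state: str, event: str) -> str:
        # events the policy does not mention leave its state unchanged
        return self.delta.get((state, event), state)


# History expressions: ev(a) | seq(h, ...) | alt(h, ...) | star(h) | frame(policy, h)
def ev(a): return ("ev", a)
def seq(*hs): return ("seq", *hs)
def alt(*hs): return ("alt", *hs)
def star(h): return ("star", h)
def frame(policy, h): return ("frame", policy, h)


class Checker:
    """Abstractly runs a history expression over the product of all policy automata.
    Every automaton consumes every event from program start (history-based), but a
    bad state is reported only while a framing for that policy is active."""

    def __init__(self, policies: Dict[str, Policy]):
        self.names = sorted(policies)           # fixes the order of states in a config
        self.policies = policies
        self.violations: Set[Tuple[str, str]] = set()   # (policy, offending event)

    def run(self, h) -> Set[Tuple[str, str]]:
        self.violations = set()
        init = frozenset({tuple(self.policies[n].start for n in self.names)})
        self._analyse(h, init, frozenset())
        return set(self.violations)

    def _analyse(self, h, configs, active):
        kind = h[0]
        if kind == "ev":
            return self._event(h[1], configs, active)
        if kind == "seq":
            for sub in h[1:]:
                configs = self._analyse(sub, configs, active)
            return configs
        if kind == "alt":                       # over-approximation: any branch may run
            return frozenset().union(*(self._analyse(sub, configs, active) for sub in h[1:]))
        if kind == "star":                      # iterate the body to a fixpoint of reachable configs
            reach, frontier = set(configs), configs
            while frontier:
                frontier = self._analyse(h[1], frontier, active) - reach
                reach |= frontier
            return frozenset(reach)
        if kind == "frame":                     # local scope: policy enforced only inside the body
            return self._analyse(h[2], configs, active | {h[1]})
        raise ValueError(f"unknown history expression {kind!r}")

    def _event(self, event, configs, active):
        out = set()
        for cfg in configs:
            nxt = tuple(self.policies[n].step(s, event) for n, s in zip(self.names, cfg))
            for n, s in zip(self.names, nxt):
                if n in active and s in self.policies[n].bad:
                    self.violations.add((n, event))
            out.add(nxt)
        return frozenset(out)


# Constructed policies: no_leak forbids a network send once a secret was read;
# audited requires an audit-log entry before any database write.
POLICIES = {
    "no_leak": Policy("clean",
                      {("clean", "read_secret"): "tainted", ("tainted", "send_net"): "leak"},
                      frozenset({"leak"})),
    "audited": Policy("unlogged",
                      {("unlogged", "log"): "logged", ("unlogged", "write_db"): "unaudited_write"},
                      frozenset({"unaudited_write"})),
}

# Constructed candidate services, each published as its history expression.
SERVICES = {
    "archive_local": seq(ev("log"), ev("write_db")),
    "archive_nolog": ev("write_db"),
    "mail_out": ev("send_net"),
}


def client(service):
    """Client with one candidate plugged in: a retry loop, two nested framings,
    and a network send after the no_leak framing has closed (allowed: out of scope)."""
    return seq(star(ev("lookup_retry")),
               frame("no_leak", seq(ev("read_secret"), frame("audited", service))),
               ev("send_net"))


def select_services(checker: Checker, services: Dict[str, tuple]) -> list:
    """Keep exactly the services whose composition satisfies every framing."""
    return sorted(name for name, eff in services.items() if not checker.run(client(eff)))


if __name__ == "__main__":
    chk = Checker(POLICIES)
    for name, eff in SERVICES.items():
        print(name, chk.run(client(eff)) or "ok")
    print("selected:", select_services(chk, SERVICES))
```

Two points of the abstract show up directly in the code. `alt` is an over-approximation: a service whose effect offers a compliant and a non-compliant branch is rejected, because the analysis cannot tell which branch runs. `star` terminates because it iterates over the finite product of automaton states rather than over traces, which is what makes a model-checking step over the effect possible in place of a runtime monitor. The trailing `send_net` in `client` is accepted even though the `no_leak` automaton has reached its bad state, since that framing is no longer in scope.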
