In Service Oriented Architecture Web Services, communication among services is banking on XML-Based messages, called SOAP messages. These messages are prone to attacks that are classified in literature as XML rewriting attacks. Since rewriting is a formal mechanism used in formal language theory, and the rewriting attack problem is designed under the framework of formal language theory, the solution also lies under the same framework. In this paper we propose a formal solution to XML rewriting attacks on SOAP messages using regular tree grammar. To the best of our knowledge this is the first formal solution to this problem. We define current XML signatures used in a SOAP message as context-free signature. The formal solution proposed here is a context-sensitive XML signature. To address the additional requirements of SOAP extensibility model, where a SOAP message can pass through several intermediaries before reaching the final receiver, an adaptive variant of context-sensitive signature is also proposed. The solution addresses different forms of XML rewriting attacks. An analysis of the solution is also given in the paper.
[1]
Andrew D. Gordon,et al.
TulaFale: A Security Tool for Web Services
,
2003,
FMCO.
[2]
Azzedine Benameur,et al.
XML Rewriting Attacks: Existing Solutions and their Limitations
,
2008,
ArXiv.
[3]
Michael McIntosh,et al.
XML signature element wrapping attacks and countermeasures
,
2005,
SWS '05.
[4]
Murali Mani,et al.
Taxonomy of XML schema languages using formal language theory
,
2005,
TOIT.
[5]
Andreas Schaad,et al.
Towards secure SOAP message exchange in a SOA
,
2006,
SWS '06.
[6]
Donald E. Eastlake,et al.
XML-Signature Syntax and Processing
,
2001,
RFC.
[7]
Jörg Schwenk,et al.
Breaking and fixing the inline approach
,
2007,
SWS '07.