The curse of namespaces in the domain of XML signature
Proceedings of the 2009 ACM workshop on Secure web services
Extending the similarity-based XML multicast approach with digital signatures
Proceedings of the 2009 ACM workshop on Secure web services
All your clouds are belong to us: security analysis of cloud management interfaces
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
SP 800-144. Guidelines on Security and Privacy in Public Cloud Computing
On breaking SAML: be whoever you want to be
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Recent research has shown that Boolean verification of digital signatures in the context of WS-Security is likely to fail: if parts of a SOAP message are signed and the signature verification applied to the whole document returns true, the document may nevertheless have been significantly altered. In this paper, we provide a detailed analysis of the possible scenarios that enable these signature wrapping attacks. Derived from this analysis, we propose a new solution that uses a subset of XPath instead of ID attributes to point to the signed subtree, and show that this solution is both efficient and secure.
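The failure described in the abstract, next to a position-based reference check, as an added example that is not code from the paper. The element names, the un-namespaced `Id` attribute, the `digest` stand-in for canonicalization and signature validation, the path syntax and both messages are constructed assumptions.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed messages; namespaces and the real signature are omitted for brevity.
SIGNED = ('<Envelope><Header><Signature><Reference URI="#body"/></Signature></Header>'
          '<Body Id="body"><Transfer to="alice" amount="10"/></Body></Envelope>')
ALTERED = ('<Envelope><Header><Signature><Reference URI="#body"/></Signature>'
           '<Wrapper><Body Id="body"><Transfer to="alice" amount="10"/></Body></Wrapper>'
           '</Header><Body Id="other"><Transfer to="mallory" amount="9999"/></Body></Envelope>')

def digest(elem):
    """Stand-in for canonicalization plus digest over one subtree."""
    def canon(e):
        attrs = "".join(f' {k}="{v}"' for k, v in sorted(e.attrib.items()))
        return f"<{e.tag}{attrs}>{''.join(canon(c) for c in e)}</{e.tag}>"
    return hashlib.sha256(canon(elem).encode()).hexdigest()

def resolve_by_id(root, ref):
    """ID-based dereference: the first element anywhere with a matching Id."""
    return next((e for e in root.iter() if e.get("Id") == ref.lstrip("#")), None)

def resolve_by_path(root, ref):
    """Position-fixed dereference: absolute path of child steps, each unambiguous."""
    steps = ref.strip("/").split("/")
    if steps[0] != root.tag:
        return None
    node = root
    for step in steps[1:]:
        matches = [c for c in node if c.tag == step]
        if len(matches) != 1:  # missing or duplicated step: refuse to resolve
            return None
        node = matches[0]
    return node

def verify(message, ref, resolver, signed_digest):
    """Boolean check: does the referenced subtree match the signed digest?"""
    target = resolver(ET.fromstring(message), ref)
    return target is not None and digest(target) == signed_digest

def processed(message):
    """What the application acts on: the first child of Envelope/Body."""
    return dict(ET.fromstring(message).find("./Body")[0].attrib)

# Digest the signer computed over the original Body (assumed protected by the signature).
SIGNED_DIGEST = digest(ET.fromstring(SIGNED).find("./Body"))

if __name__ == "__main__":
    print(verify(ALTERED, "#body", resolve_by_id, SIGNED_DIGEST))             # ID-based
    print(verify(ALTERED, "/Envelope/Body", resolve_by_path, SIGNED_DIGEST))  # path-based
    print(processed(ALTERED))
```

With the ID-based resolver the altered message still verifies, because the signed subtree was moved rather than changed, while the application reads the unsigned `Body`. The path-based resolver checks the subtree at the position the application actually processes.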