Athena: a novel approach to efficient automatic security protocol analysis
Journal of Computer Security
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
TCS '00 Proceedings of the International Conference IFIP on Theoretical Computer Science, Exploring New Frontiers of Theoretical Informatics
Validating a Web service security abstraction by typing
Proceedings of the 2002 ACM workshop on XML security
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A composable cryptographic library with nested operations
Proceedings of the 10th ACM conference on Computer and communications security
A semantics for web services authentication
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Verifying policy-based security for web services
Proceedings of the 11th ACM conference on Computer and communications security
Proving a WS-federation passive requestor profile with a browser model
Proceedings of the 2005 workshop on Secure web services
Secure sessions for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
Static validation of security protocols
Journal of Computer Security
Verifying the SET Purchase Protocols
Journal of Automated Reasoning
Towards an Independent Semantics and Verification Technology for the HLPSL Specification Language
Electronic Notes in Theoretical Computer Science (ENTCS)
Automated Security Protocol Analysis With the AVISPA Tool
Electronic Notes in Theoretical Computer Science (ENTCS)
Compiling and verifying security protocols
LPAR'00 Proceedings of the 7th international conference on Logic for programming and automated reasoning
Security properties: two agents are sufficient
ESOP'03 Proceedings of the 12th European conference on Programming
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Secure sessions for Web services
ACM Transactions on Information and System Security (TISSEC)
Verified implementations of the information card federated identity-management protocol
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Planning and verifying service composition
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Translating shared state based ebXML BPSS models to WS-BPEL
International Journal of Business Intelligence and Data Mining
A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems
Journal of Automated Reasoning
Formal methods and cryptography
FM'06 Proceedings of the 14th international conference on Formal Methods
From model-checking to automated testing of security protocols: bridging the gap
TAP'12 Proceedings of the 6th international conference on Tests and Proofs
Interoperability and Functionality of WS-* Implementations
International Journal of Web Services Research
Automatic verification of protocols with lists of unbounded length
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
Web services are an important series of industry standards for adding semantics to web-based and XML-based communication, in particular among enterprises. Like the entire series, the security standards and proposals are highly modular. Combinations of several standards are put together for testing as interoperability scenarios, and these scenarios are likely to evolve into industry best practices. In the terminology of security research, the interoperability scenarios correspond to security protocols. Hence, it is desirable to analyze them for security. In this paper, we analyze the security of the new Secure WS-ReliableMessaging Scenario, the first scenario to combine security elements with elements of another quality-of-service standard. We do this both symbolically and cryptographically. The results of both analyses are positive. The discussion of actual cryptographic primitives of web services security is a novelty of independent interest in this paper.