Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Using encryption for authentication in large networks of computers
Communications of the ACM
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Validating a Web service security abstraction by typing
Proceedings of the 2002 ACM workshop on XML security
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Analyzing security protocols with secrecy types and logic programs
Journal of the ACM (JACM)
Automated Verification of Selected Equivalences for Security Protocols
LICS '05 Proceedings of the 20th Annual IEEE Symposium on Logic in Computer Science
Secure sessions for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
A semantics for web services authentication
Theoretical Computer Science - Theoretical foundations of security analysis and design II
On the Relationship Between Web Services Security and Traditional Protocols
Electronic Notes in Theoretical Computer Science (ENTCS)
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
A Calculus of Global Interaction based on Session Types
Electronic Notes in Theoretical Computer Science (ENTCS)
Verifying policy-based web services security
ACM Transactions on Programming Languages and Systems (TOPLAS)
Verified interoperable implementations of security protocols
ACM Transactions on Programming Languages and Systems (TOPLAS)
Models and Proofs of Protocol Security: A Progress Report
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Planning and verifying service composition
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Structured communication-centred programming for web services
ESOP'07 Proceedings of the 16th European conference on Programming
Security protocols: principles and calculi tutorial notes
Foundations of security analysis and design IV
Foundations of security analysis and design IV
Towards formal validation of trust and security in the internet of services
The future internet
Formally based semi-automatic implementation of an open security protocol
Journal of Systems and Software
A formal security model of a smart card web server
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Structured Communication-Centered Programming for Web Services
ACM Transactions on Programming Languages and Systems (TOPLAS)
TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
| Hi-index | 0.00 |
We describe a new reference implementation of the web services security specifications. The implementation is structured as a library in the functional programming language F#. Applications written using this library can interoperate with other compliant web services, such as those written using Microsoft WSE and WCF frameworks. Moreover, the security of such applications can be automatically verified by translating them to the applied pi calculus and using an automated theorem prover. We illustrate the use of our reference implementation through examples drawn from the sample applications included with WSE and WCF. We formally verify their security properties. We also experimentally evaluate their interoperability and performance.