Generating Formal Cryptographic Protocol Specifications
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Analyzing Conversations of Web Services
IEEE Internet Computing
Automatic Composition of Services with Security Policies
SERVICES '08 Proceedings of the 2008 IEEE Congress on Services - Part I
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Compiling and securing cryptographic protocols
Information Processing Letters
Structured communication-centred programming for web services
ESOP'07 Proceedings of the 16th European conference on Programming
Programming cryptographic protocols
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Trusted multiplexing of cryptographic protocols
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
RTA'06 Proceedings of the 17th international conference on Term Rewriting and Applications
Towards the orchestration of secured services under non-disclosure policies
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
| Hi-index | 0.00 |
Alice&Bob notation is widely used to describe conversations between partners in security protocols. We present a tool that compiles an Alice&Bob description of a Web Services choreography into a set of servlets. For that we first compute for each partner an executable specification as prudent as possible of her role in the choreography. This specification is expressed in ASLan language, a formal language designed for modeling Web Services tied with security policies. Then we can check with automatic tools that this ASLan specification verifies some required security properties such as secrecy and authentication. If no flaw is found, we compile the specification into Java servlets that real partners can use to execute the choreography.