Behavioral Attestation for Web Services using access policies

  • Authors:
  • Masoom Alam;Xinwen Zhang;Mohammad Nauman;Tamleek Ali;Muhammad Ali;Sajid Anwar;Quratulain Alam

  • Affiliations:
  • Security Engineering Research Group (SERG), Institute of Management Sciences (IMSciences), Hayatabad, Pakistan;Huawei Research Center, Santa Clara, USA;Security Engineering Research Group (SERG), Institute of Management Sciences (IMSciences), Hayatabad, Pakistan;Security Engineering Research Group (SERG), Institute of Management Sciences (IMSciences), Hayatabad, Pakistan;Security Engineering Research Group (SERG), Institute of Management Sciences (IMSciences), Hayatabad, Pakistan;Security Engineering Research Group (SERG), Institute of Management Sciences (IMSciences), Hayatabad, Pakistan;Security Engineering Research Group (SERG), Institute of Management Sciences (IMSciences), Hayatabad, Pakistan

  • Venue:
  • Multimedia Tools and Applications
  • Year:
  • 2013

Quantified Score

Hi-index 0.00

Visualization

Abstract

Service Oriented Architecture with underlying technologies like web services and web service orchestration opens new vistas for integration among business processes operating in heterogeneous environments. However, such dynamic collaborations require a highly secure environment at each respective business partner site. Existing web services standards address the issue of security only on the service provider platform. The partner platforms to which sensitive information is released have till now been neglected. Remote Attestation is a relatively new field of research which enables an authorized party to verify that a trusted environment actually exists on a partner platform. To incorporate this novel concept in to the web services realm, a new mechanism called WS-Attestation has been proposed. This mechanism provides a structural paradigm upon which more fine-grained solutions can be built. In this paper, we present a novel framework, Behavioral Attestation for Web Services, in which XACML is built on top of WS-Attestation in order to enable more flexible remote attestation at the web services level. We propose a new type of XACML policy called XACML behavior policy, which defines the expected behavior of a partner platform. Existing web service standards are used to incorporate remote attestation at the web services level and a prototype is presented, which implements XACML behavior policy using low-level attestation techniques.