Formal Analysis of Security Protocols Based on Web Services Fatima Shabbir August 8, 2011 UMI Number: U585480 All rights reserved INFORMATION TO ALL USERS The quality of this reproduction is dependent upon the quality of the copy submitted. In the unlikely event that the author did not send a complete manuscript and there are missing pages, these will be noted. Also, if material had to be removed, a note will indicate the deletion. Dissertation Publishing UMI U585480 Published by ProQuest LLC 2013. Copyright in the Dissertation held by the Author. Microform Edition © ProQuest LLC. All rights reserved. This work is protected against unauthorized copying under Title 17, United States Code. ProQuest LLC 789 East Eisenhower Parkway P.O. Box 1346 Ann Arbor, Ml 48106-1346 Contents 1 Introduction 1 1.1 Web S e rv ic e s ..................................................................................... 2 1.1.1 Web Services S e c u r ity .......................................................... 3 1.1.2 The Xeed for New Security Specifications for Web Ser­ vices 6 1.1.3 XML-based Web Services Security Specifications .... 7 1.1.4 WS-* based Web Services Security Specifications . 10 1.1.5 Security R equirem ents ..............................................................15 1.1.6 Vulnerabilities of WS-* Specifications ............................... 16 1.2 Formal M ethods .................................................................................. 19 1.2.1 Model Checking ........................................................................... 22 1.2.2 Spin Model Checker ..................................................................23 1.3 Problem Form ulation ............................................................................24 1.3.1 Research Objectives ..................................................................24 1.3.2 Proposed Analysis .....................................................................25 1.4 Attack M o d e l ........................................................................................... 27 1.5 Thesis Overview ....................................................................................... 29 2 Literature Review 31 3 System Model 49 3.1 Chapter Objectives .............................................................................. 49 3.2 Model C hecking .......................................................................................50 3.2.1 Model Checking P ro c e ss .......................................................... 50 3.3 Modelling Cryptographic Protocols ................................................. 51 3.3.1 Guidelines for Modelling Cryptographic Protocols . 53 3.4 Security Protocol M odels .......................................................................56 3.4.1 Simple Message Exchange P ro to c o l .....................................57 3.4.2 Security Token P r o to c o l ........................................................ 61 3.5 Environment Model for P ro to c o ls ...................................................... 65 3.5.1 Environment Model for SM E P .................................................67 3.5.2 Environment Model for ST P .................................................... 71 3.6 Intruder Model for Protocols ................................................................ 76 3.6.1 Manipulated Protocol Run for S M E P ...................................77 3.6.2 Manipulated Protocol Run for S T P ...................................... 78 3.7 System Properties ....................................................................................79 3.7.1 Property Specification for S M E P ......................................... 80 3.7.2 Property Specification for STP .............................................82 3.8 Concluding Remarks ............................................................................. 84 4 Modelling Protocols with Automata 87 4.1 Chapter O bjectives .................................................................................87 4.2 Pushdown automaton ............................................................................. 88 4.3 Simple Message Exchange Protocol ................................................... 90 4.4 Security Token Protocol .....................................................................102 4.5 Concluding Rem arks ........................................................................... 116 5 Promela Model 118 5.1 Chapter O b jectiv es ...............................................................................119 5.2 Introduction to Prom ela .....................................................................121 5.3 System Modelling S te p s ..................................................................... 122 5.3.1 Simple Message Exchange P ro to c o l ................................... 125 5.3.2 Security Token Protocol ....................................................... 139 5.4 Concluding Remarks ............................................................................155 6 Simulation and Verification Results 156 6.1 Chapter O b jectiv es ...............................................................................157 6.2 Simulation R e s u lts ...............................................................................158 6.2.1 Simple Message Exchange Protocol ................................... 158 6.2.2 Security Token Protocol .......................................................167 6.3 Verification ............................................................................................174 6.3.1 Simple Message Exchange Protocol ................................... 177 6.3.2 Security Token Protocol .......................................................178 6.4 Concluding R e m a rk s ...........................................................................179 ii 7 XML Injection Attack Model 181 7.1 Simple Message Exchange Protocol .................................................183 7.1.1 T y p e s .........................................................................................183 7.1.2 C hannels ..................................................................................... 184 7.1.3 Global Variables .....................................................................185 7.1.4 Principal P ro cesses ..................................................................185 7.2 Security Token Protocol .................................................................... 191 7.2.1 T y p e s ........................................................................................ 192 7.2.2 Channels ......................................................................................193 7.2.3 Global Variables ..................................................................... 193 7.2.4 Principal P ro cesses ..................................................................194 7.3 Concluding Remarks ...........................................................................201 8 Simulation and Verification for XML Injection Attack 202 8.1 Simulation R e s u lts .............................................................................. 202 8.1.1 Simple Message Exchange Protocol .....................................202 8.1.2 Security Token Protocol ........................................................ 208 8.2 Verification Results .............................................................................. 216 8.2.1 Simple Message Exchange P ro to c o l .................................... 216 8.2.2 Security Token P r o to c o l ........................................................217 8.3 Concluding Remarks ...........................................................................217 9 Conclusions and Future Work 220 Bibliography 229 Appendix: SMEP 242 Appendix: STP 245 List of Figures 1.1 Web Services Security Stack ............................................................. 14 1.2 SOAP envelope incorporating WS-Security ................................ 15 1.3 Message tampering scenario in a secure session .............................. 28 1.4 An XML rewriting a t t a c k .............................................................. 29 3.1 Schematic view of Model Checking approach ................................. 52 3.2 Security Token Protocol ..................................................................... 66 4.1 Simple Message Exchange Protocol automaton ..............................93 4.2 Security Token Protocol Protocol automaton .................................107 5.1 Types of O b je c ts ................................................................................ 120 6.1 Message sequence chart for A —>• B ................................................160 6.2 Message Sequence Chart for A—>4 ...................................................162 6.3 Message Sequence Chart for A —> I followed by 1(A) —> B. 164 6.4 Message Sequence Chart for I —>• B ................................................165 6.5 Message Sequence Chart for I —► B followed by A —>1(B). 167 6.6 Message Sequence Chart for A —► STS ..........................................169 6.7 Message Sequence Chart for I —► S T S ..........................................171 6.8 Message Sequence Chart for 1(A) -» STS ..................................... 173 8.1 Message Sequence Chart for SMEP XML Content Injection Attack....................................................................................................... 205 8.2 Message Sequence Chart - SMEP XML Element Injection At­ tack............................................................................................................207
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages257 Page
-
File Size-