A SOAP-Based Model for Secure Messaging in a Global Context by Johannes Jurie van Eeden A SOAP-based Model for Secure Messaging in a Global Context by Johannes Jurie van Eeden Dissertation submitted in fulfillment of the requirements for the degree Magister Technologiae in Information Technology in the School of Information and Communication Technology at the Nelson Mandela Metropolitan University Promoter: Dr Maree Pather December 2005 Table of Contents Declaration ............................................................................................................. v Abstract.................................................................................................................. vi Acknowledgements................................................................................................ vii Acronyms and Abbreviations used.......................................................................viii Part I ...................................................................................................................... 1 Introduction............................................................................................................. 1 Chapter 1 ............................................................................................................... 2 Introduction............................................................................................................. 2 1.1 Problem Statement........................................................................................ 3 1.2 Objectives ..................................................................................................... 4 1.3 Methodology................................................................................................. 4 1.4 The Dissertation at a Glance......................................................................... 4 Part II..................................................................................................................... 7 Background............................................................................................................. 7 Chapter 2 ............................................................................................................... 8 International Transportation Mechanism (Protocol Suite) ..................................... 8 2.1 Web Service Architecture........................................................................... 10 2.1.1 Core Layers of the Web Service Stack ................................................ 11 2.1.2 Higher-Level Layers of the Web Service Stack .................................. 13 2.2 Web Service Standards ............................................................................... 17 2.3 Benefits of Web Services............................................................................ 20 2.4 Web Services Threats ................................................................................. 22 2.5 Conclusion .................................................................................................. 24 Chapter 3 ............................................................................................................. 25 Routing the Vehicle .............................................................................................. 25 3.1 Defining an Address ................................................................................... 26 3.2 Providing Addresses ................................................................................... 28 3.3 Addressing Faults........................................................................................ 30 3.4 Security Consideration................................................................................ 31 3.5 Conclusion .................................................................................................. 31 Chapter 4 ............................................................................................................. 33 Reliable Transportation......................................................................................... 33 4.1 Reliability Features ..................................................................................... 34 4.2 Establishing Reliable Transportation.......................................................... 35 4.3 Faults in a Reliable Transportation............................................................. 38 4.4 Security Considerations .............................................................................. 38 i 4.5 Conclusion .................................................................................................. 39 Chapter 5 ............................................................................................................. 41 Securing the Vehicle............................................................................................. 41 5.1 Building Blocks of Security........................................................................ 41 5.1.1 Confidentiality ..................................................................................... 41 5.1.2 Integrity................................................................................................ 43 5.1.3 Non-Repudiation.................................................................................. 43 5.1.4 Authentication...................................................................................... 44 5.1.5 Authorization ....................................................................................... 44 5.1.6 Availability .......................................................................................... 44 5.2 Adding Security to the Vehicle................................................................... 45 5.2.1 Threats to the Vehicle .......................................................................... 46 5.3 Fitting the Security System......................................................................... 47 5.3.1 Identifying Components....................................................................... 47 5.3.2 Security System Container................................................................... 48 5.3.3 Proof Ownership and Goods Integrity ................................................. 50 5.3.4 Keeping Goods Confidential................................................................ 51 5.3.5 Adding a Clock .................................................................................... 55 5.4 Error Handling ............................................................................................ 55 5.5 Conclusion .................................................................................................. 55 Chapter 6 ............................................................................................................. 58 Optimizing the Vehicle......................................................................................... 58 6.1 Cargo Loading Approaches ........................................................................ 58 6.1.1 XML Representation............................................................................ 59 6.1.2 SOAP with Attachments (SwA) .......................................................... 59 6.1.3 WS-Attachment using DIME............................................................... 60 6.1.4 Base64-Encoding ................................................................................. 60 6.1.5 Message Transmission Optimization Mechanism (MTOM) ............... 61 6.2 A Deeper look at MTOM............................................................................ 62 6.2.1 Abstract SOAP Transmission Optimization Feature ........................... 62 6.2.2 Optimized MIME Multipart/Related Serialization of SOAP messages ....................................................................................................................... 64 6.2.3 HTTP SOAP Transmission Optimization Feature............................... 66 6.3 Conclusion .................................................................................................. 67 Chapter 7 ............................................................................................................. 68 Securing the Highway........................................................................................... 68 7.1 IPSec ........................................................................................................... 69 7.2 SSL/TLS ..................................................................................................... 79 7.3 IPSec vs. SSL/TLS...................................................................................... 84 7.4 Conclusion .................................................................................................. 87 Part III ................................................................................................................. 89 Solution................................................................................................................. 89 ii Chapter 8 ............................................................................................................. 90 A Messaging Framework...................................................................................... 90 8.1 A Universal Language ................................................................................ 90 8.2 The Vehicle Depot ...................................................................................... 91 8.3 Proposed Messaging Framework...............................................................