Synthesis of secure adaptors for stateful services

J. Antonio Martín and Ernesto Pimentel
University of Málaga
SRI International, 2012

Paper: http://bit.ly/JLAP12
Motivation
● We deal with stateful services, i.e., services with behaviour
● Web Services have security policies
   ○ WS-Security, WS-SecureConversation, WS-Policy, ...
● Incompatible services send and receive incompatible
  cryptographic messages
● We want to deal with incompatible policies and
  incompatible behaviour (which gives rise to deadlocks and
  livelocks between these stateful services)
Example: Stateful services
[Figure: Service a and Service b, encoded in Crypto-CCS]
Solution: adaptation
● Deploy an adaptor in the middle of the communication
  which adapts incompatibilities in signature, behaviour
  and security
● Behavioural adaptation is based on receiving, rearranging
  and forwarding messages at the appropriate time
● Security adaptation extends behavioural adaptation with
  symmetric and asymmetric cryptography and digests
  through hashing

[Figure: client, adaptor, Flickr API exchange: Get flickr API key, Request Frob, Handle Token...]
Example: Adaptor
[Figure: Service a, Adaptor, Service b]
Solution: adaptation contracts
● An adaptor is abstractly specified by a security adaptation
  contract (SAC)
● The synthesis process takes a contract and returns
  a deadlock/livelock-free adaptor
● Secrecy properties are verified over the system and, if
  needed, the adaptor is automatically refined to preserve
  them

[Figure: client, adaptor, contract, synthesis process]
Overview

Example: Incompatible services
[Figure: Service a, Service b]
Example: Incompatible services
[Figure: Service a, Service b]
HOW: send! could match with either anonymous?, des?, pub_rsa? or priv_rsa?
Callout: I have the user U and pass K
Goal: pass info M from b to a
Privacy req.: M should not be disclosed
Adaptation contract: E0 and VLTS
[Figure: Service a, Service b]
Sec. Adaptation Contract
   1. anonymous!M^ < send?M
   2. public_key! <
   3. login!U^,E(K^,U^) <
   4. des!E(K^, M^) < send?M
   ...
E0 = [k/K, u/U, ...]
VLTS: rules 1-4, ...
Overview

Interactions compliant with SAC
[Figure: Service a, Adaptor, Service b]
Sec. Adaptation Contract
   1. anonymous!M^ < send?M
   2. public_key! <
   3. login!U^,E(K^,U^) <
Deadlock free synthesis
[Figure: Service a, Adaptor, Service b, SAC]
Overview

Secrecy property
[Figure: Service a, Service b]
● What do you want to protect?
● Which channels are subject to attack?
   ○ Restricted Dolev-Yao model
● Which information is public?
Secrecy property
[Figure: Service a, Service b]
Le - Actions not eavesdroppable by the attacker
La - Actions not accessible nor eavesdroppable by the attacker
p  - Secrecy attack to avoid
Secrecy property
[Figure: Service a, adaptor, Service b]
In our toy example:
La, Le: the attacker can only eavesdrop actions of service a
p: the attacker should not learn M
In other words, a passive attacker, and the adaptor acts as a wrapper around service b
Partial model checking
[Figure: Service a, Service b (thanks to partial model-checking)]

Verification
[Figure: Service a, Adaptor, Service b; Attack]

Refinement
[Figure: Service a, Adaptor, Service b]

Secure security adaptor
[Figure: Service a, Adaptor, Service b, SAC]
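The toy example of the preceding slides (the SAC rules, the passive attacker that eavesdrops service a, and the refinement that discards a plan violating p), as an added Python example; it is not the authors' code and it replaces the paper's partial model checking with a plain Dolev-Yao decomposition closure. It assumes that public_key! carries no data, omits the pub_rsa?/priv_rsa? rules elided on the slides, and uses its own function names and the constructed secret value m_secret.

```python
"""Symbolic model of the slides' toy adaptation (added example, not the
authors' code). Terms: atoms are str; ('E', k, m) is E(k, m) from the SAC;
('cat', a, b) is concatenation. The attacker is passive and only
eavesdrops service a's channels, as in the slides' toy example."""

# E0 from the slides: abstract names K and U bound to concrete values.
E0 = {"K": "k", "U": "u"}


def plan_anonymous(M, env):
    """Rule 1: anonymous!M^ < send?M  (forward M in the clear)."""
    return [("anonymous", M)]


def plan_des(M, env):
    """Rules 2-4: public_key! ; login!U^,E(K^,U^) ; des!E(K^,M^) < send?M.
    Assumption of this example: public_key! carries no data."""
    return [("public_key", None),
            ("login", ("cat", env["U"], ("E", env["K"], env["U"]))),
            ("des", ("E", env["K"], M))]


# Candidate plans the synthesis may pick to satisfy send?M from service b.
PLANS = [("anonymous", plan_anonymous), ("des", plan_des)]


def eavesdrop(trace):
    """Le of the toy example: every payload on service a's side is observed."""
    return {payload for _, payload in trace if payload is not None}


def analyse(known):
    """Dolev-Yao decomposition closure: split cat, decrypt E when the key is
    known. An atom is derivable iff it appears in this closure, which is
    enough to decide secrecy of M without enumerating composed terms."""
    known = set(known)
    changed = True
    while changed:
        changed = False
        for t in list(known):
            if isinstance(t, tuple) and t[0] == "cat":
                new = {t[1], t[2]}
            elif isinstance(t, tuple) and t[0] == "E" and t[1] in known:
                new = {t[2]}
            else:
                continue
            if not new <= known:
                known |= new
                changed = True
    return known


def leaks(plan, M, env, attacker_init=frozenset()):
    """Secrecy attack p: does the passive attacker learn M from the trace?"""
    return M in analyse(set(attacker_init) | eavesdrop(plan(M, env)))


def synthesize(M, env=E0, attacker_init=frozenset()):
    """Refinement step of the slides: keep the first SAC-compliant plan
    whose trace does not violate p; return its name and trace."""
    for name, plan in PLANS:
        if not leaks(plan, M, env, attacker_init):
            return name, plan(M, env)
    return None, []


if __name__ == "__main__":
    # Constructed sample: service b wants to pass m_secret to service a.
    print(synthesize("m_secret"))
```

With an empty initial attacker knowledge the anonymous plan is rejected and the des plan is chosen; if the attacker is given k up front, no plan on the slides satisfies p and synthesize returns (None, []).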
Contribution
● Adaptation of services with complex behaviours and security
  policies in such a way that:
   ○ We avoid undesirable situations such as deadlocks and livelocks
   ○ The adaptor is able to decompose and recompose messages
     according to the interfaces and security policies of the services
     involved
   ○ It is formally proved that the given secrecy attack is avoided

● The adaptation is specified by an abstract security adaptation
  contract which expresses:
   ○ The initial information required for the adaptation
   ○ The transformations required to proceed with a successful
     communication
   ○ The security checks to perform throughout the communication
Thank you!
Paper: http://bit.ly/JLAP12 -- Thesis: http://bit.ly/jamartin-thesis
WS-Security
<?xml version="1.0" encoding="utf-8"?>
<S11:Envelope><S11:Header>
   <wsse:Security>
       <wsu:Timestamp wsu:Id="T0">...</wsu:Timestamp>
       <wsse:BinarySecurityToken ValueType="...#X509v3"
                     wsu:Id="X509Token">...
       </wsse:BinarySecurityToken>
       <xenc:EncryptedKey>...
            <xenc:ReferenceList>
                <xenc:DataReference URI="#enc1"/>
            </xenc:ReferenceList>
       </xenc:EncryptedKey>
       <ds:Signature><ds:SignedInfo>...
              <ds:Reference URI="#T0">...
                 <ds:DigestValue>LyLsF094Pi4wP...</ds:DigestValue>
              </ds:Reference>
              <ds:Reference URI="#body">...
                 <ds:DigestValue>LyLsF094i4wPU...</ds:DigestValue>
              </ds:Reference>
          </ds:SignedInfo>
          <ds:SignatureValue>Hp1ZkmFZ/2kQ...</ds:SignatureValue>
          <ds:KeyInfo>
               <wsse:SecurityTokenReference>
                    <wsse:Reference URI="#X509Token"/>
               </wsse:SecurityTokenReference>
          </ds:KeyInfo>
       </ds:Signature>
   </wsse:Security>
</S11:Header>
<S11:Body wsu:Id="body">
 <xenc:EncryptedData wsu:Id="enc1">...</xenc:EncryptedData>...
</S11:Body></S11:Envelope>

● T, I, S, V, K, L and B are placeholders used for matching data in the
  messages received and sent from the adaptor
● The message as abstract terms:
  T, I, Pk(S), penc(V, Hash(cat(I,Pk(S)))), enc(K,L), Hash(T), Hash(B),
  penc(S, cat(Hash(T),Hash(B))), enc(L,B)
Applications
