Abstract | ||
---|---|---|
Current web service platforms (WSPs) often perform all web services-related processing, including security-sensitive information handling, in the same protection domain. Consequently, the entire WSP may have access to security-sensitive information, forcing us to trust a large and complex piece of software. To address this problem, we propose ISO-WSP, a new information flow architecture that decomposes current WSPs into a small trusted T-WSP to handle security-sensitive data and a large, legacy untrusted U-WSP that provides the normal WSP functionality. To achieve end-to-end security, the application code is also decomposed into a small trusted part and the remaining untrusted code. The trusted part encapsulates all accesses to security-sensitive data through a Secure Functional Interface (SFI). To ease the migration of legacy applications to ISO-WSP, we developed tools to translate direct manipulations of security-sensitive data by the untrusted part into SFI invocations. Using a prototype implementation based on the Apache Axis2 WSP, we show that ISO-WSP reduces software complexity of trusted components by a factor of five, while incurring a modest performance overhead of few milliseconds per request. We also show that existing applications can be migrated to run on ISO-WSP with a few tens of lines of new and modified code. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1109/TSC.2008.10 | IEEE T. Services Computing |
Keywords | DocType | Volume |
normal WSP functionality,application code,entire WSP,Apache Axis2 WSP,untrusted part,remaining untrusted code,security-sensitive information handling,modified code,Web Service Platforms,Secure Information Flow Architecture,new information flow architecture,security-sensitive data | Journal | 1 |
Issue | Citations | PageRank |
2 | 9 | 0.65 |
References | Authors | |
12 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jinpeng Wei | 1 | 221 | 20.22 |
Lenin Singaravelu | 2 | 153 | 10.44 |
Calton Pu | 3 | 5377 | 877.83 |