TulaFale

TulaFale: a security tool for web services. Web services security specifications are typically expressed as a mixture of XML schemas, example messages, and narrative explanations. We propose a new specification language for writing complementary machine-checkable descriptions of SOAP-based security protocols and their properties. Our TulaFale language is based on the pi calculus (for writing collections of SOAP processors running in parallel), plus XML syntax (to express SOAP messaging), logical predicates (to construct and filter SOAP messages), and correspondence assertions (to specify authentication goals of protocols). Our implementation compiles TulaFale into the applied pi calculus, and then runs Blanchet’s resolution-based protocol verifier. Hence, we can automatically verify authentication properties of SOAP protocols.


References in zbMATH (referenced in 14 articles , 1 standard article )

Showing results 1 to 14 of 14.
Sorted by year (citations)

  1. Armando, Alessandro; Arsac, Wihem; Avanesov, Tigran; Barletta, Michele; Calvi, Alberto; Cappai, Alessandro; Carbone, Roberto; Chevalier, Yannick; Compagna, Luca; Cuéllar, Jorge; Erzse, Gabriel; Frau, Simone; Minea, Marius; Mödersheim, Sebastian; von Oheimb, David; Pellegrino, Giancarlo; Ponta, Serena Elisa; Rocchetto, Marco; Rusinowitch, Michael; Torabi Dashti, Mohammad; Turuani, Mathieu; Viganò, Luca: The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures (2012)
  2. Blanchet, Bruno: Security protocol verification: symbolic and computational models (2012)
  3. Carpineti, Samuele; Laneve, Cosimo; Padovani, Luca: PiDuce- A project for experimenting web services technologies (2009)
  4. Borgström, Johannes; Gordon, Andrew D.; Phillips, Andrew: A chart semantics for the pi-calculus. (2008)
  5. Bhargavan, Karthikeyan; Fournet, Cédric; Gordon, Andrew D.; Tse, Stephen: Verified interoperable implementations of security protocols (2007)
  6. Chevalier, Yannick; Lugiez, Denis; Rusinowitch, Michaël: Verifying cryptographic protocols with subterms constraints (2007)
  7. Chevalier, Yannick; Lugiez, Denis; Rusinowitch, Michaël: Towards an automatic analysis of web service security (2007)
  8. Backes, Michael; Mödersheim, Sebastian; Pfitzmann, Birgit; Viganò, Luca: Symbolic and cryptographic analysis of the secure WS-ReliableMessaging scenario (2006)
  9. Kleiner, E.; Roscoe, A.W.: On the relationship between web services security and traditional protocols. (2006)
  10. Kleiner, E.; Roscoe, A.W.: On the relationship between web services security and traditional protocols (2006)
  11. Viganò, Luca: Automated security protocol analysis with the AVISPA tool. (2006)
  12. Bhargavan, Karthikeyan; Fournet, Cédric; Gordon, Andrew D.: A semantics for web services authentication (2005)
  13. Bhargavan, Karthikeyan; Fournet, Cédric; Gordon, Andrew D.; Pucella, Riccardo: TulaFale: a security tool for web services (2004)
  14. de Boer, Frank S. (ed.); Bonsangue, Marcello M. (ed.); Graf, Susanne (ed.); de Roever, Willem-Paul (ed.): Formal methods for components and objects. Second international symposium, FMCO 2003, Leiden The Netherlands, November 4--7, 2003. Revised lectures. (2004)