Sciweavers

IEEESCC
2008
IEEE

A Secure Information Flow Architecture for Web Services

Current web service platforms (WSPs) often perform all web services-related processing, including security-sensitive information handling, in the same protection domain. Consequently, the entire WSP may have access to security-sensitive information such as credit card numbers, forcing us to trust a large and complex piece of software. To address this problem, we propose ISO-WSP, a new information flow architecture that decomposes current WSPs into two parts executing in separate protection domains: (1) a small trusted T-WSP to handle security-sensitive data, and (2) a large, legacy untrusted U-WSP that provides the normal WSP functionality, but uses the T-WSP for security-sensitive data handling. By restricting security-sensitive data access to T-WSP, ISO-WSP reduces the software complexity of trusted code, thereby improving the testability of ISO-WSP. Using a prototype implementation based on the Apache Axis2 WSP, we show that ISO-WSP reduces software complexity of trusted components by...
Lenin Singaravelu, Jinpeng Wei, Calton Pu
Added: 31 May 2010
Updated: 31 May 2010
Type: Conference
Year: 2008
Where: IEEESCC
Authors: Lenin Singaravelu, Jinpeng Wei, Calton Pu