Skip to main content
SpringerLink
Log in

Trustable Remote Verification of Web Services

  • Conference paper
Book cover Trusted Computing (Trust 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5471))

Included in the following conference series:

Abstract

Service Oriented Architectures currently provide little or no evidence that each remote component has been implemented correctly. This is a problem for businesses hoping to exploit the potential benefits of SOA. We present a technique called Trustable Remote Verification, which lets providers create behavioural guarantees of their web services. Our approach is flexible, using Extended Static Checking for verification and has the significant advantage of requiring no additional trusted third party.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Christensen, E., Curbera, F., Meredith, G., Weerawarana, S.: Web Services Description Language (WSDL) 1.1. Technical report, W3C (March 2001), http://www.w3.org/TR/2001/NOTE-wsdl-20010315

  2. The Trusted Computing Group: TCG Specification Architecture Overview, Revision 1.4 (August 2007), https://www.trustedcomputinggroup.org/groups/TCG_1_4_Architecture_Overview.pdf

  3. The Trusted Computing Group: TCG Glossary of Technical Terms (2008), https://www.trustedcomputinggroup.org/groups/glossary/

  4. Poritz, J.A.: Trust[ed | in] Computing, Signed Code and the Heat Death of the Internet. In: SAC 2006: Proceedings of the 2006 ACM Symposium on Applied Computing, pp. 1855–1859. ACM Press, New York (2006)

    Google Scholar 

  5. Sadeghi, A.R., Stüble, C.: Property-based Attestation for Computing Platforms: Caring About Properties, Not Mechanisms. In: NSPW 2004: Proceedings of the 2004 Workshop on New Security Paradigms, pp. 67–77. ACM Press, New York (2004)

    Google Scholar 

  6. Papazoglou, M.P., Dubray, J.j.: A Survey of Web Service Technologies. Technical Report DIT-04-058, Informatica e Telecomunicazioni, University of Trento (June 2004)

    Google Scholar 

  7. The W3C: Simple Object Access Protocol (SOAP) (April 2007), http://www.w3.org/TR/soap/

  8. Meyer, B.: Design by Contract: Building Reliable Software. In: Object-Oriented Software Construction, pp. 331–341. Prentice Hall, Englewood Cliffs (1997)

    Google Scholar 

  9. Leavens, G., Cheon, Y.: Design by Contract with JML (2003), http://citeseer.ist.psu.edu/leavens04design.html

  10. Cok, D.R., Kiniry, J.R.: ESC/Java2: Uniting eSC/Java and JML. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 108–128. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  11. Necula, G.: Proof-Carrying Code. Website (July 2002), http://raw.cs.berkeley.edu/pcc.html

  12. Jaeger, T., Sailer, R., Shankar, U.: PRIMA: Policy-Reduced Integrity Measurement Architecture. In: SACMAT, pp. 19–28 (2006)

    Google Scholar 

  13. Munetoh, S., Nakamura, M., Yoshihama, S., Kudo, M.: Integrity Management Infrastructure for Trusted Computing. IEICE Transactions on Information and Systems E91-D(5), 1242–1251 (2008)

    Article  Google Scholar 

  14. Pavlova, M., Barthe, G., Burdy, L., Huisman, M., Lanet, J.L.: Enforcing High-Level Security Properties for Applets (2004)

    Google Scholar 

  15. Cooper, A., Martin, A.: Towards a secure, tamper-proof grid platform. In: CCGRID 2006. Sixth IEEE International Symposium on Cluster Computing and the Grid, 2006, vol. 1, p. 8 (May 2006)

    Google Scholar 

  16. Haldar, V., Chandra, D., Franz, M.: Semantic Remote Attestation - Virtual Machine Directed Approach to Trusted Computing. In: Virtual Machine Research and Technology Symposium, USENIX, pp. 29–41 (2004)

    Google Scholar 

  17. Yoshihama, S., Ebringer, T., Nakamura, M., Munetoh, S., Maruyama, H.: WS-attestation: efficient and fine-grained remote attestation on Web services. In: ICWS 2005. Proceedings. 2005 IEEE International Conference on Web Services, pp. 743–750 (July 2005)

    Google Scholar 

  18. Betin-Can, A., Bultan, T.: Verifiable Web services with Hierarchical Interfaces. In: ICWS 2005. Proceedings. 2005 IEEE International Conference on Web Services, vol.1, pp. 85–94 (July 2005)

    Google Scholar 

  19. Tsai, W., Wei, X., Chen, Y., Xiao, B., Paul, R., Huang, H.: Developing and assuring trustworthy Web services. In: Autonomous Decentralized Systems, 2005. ISADS 2005. Proceedings, pp. 43–50 (April 2005)

    Google Scholar 

  20. McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for tcb minimization. In: Eurosys 2008: Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008, pp. 315–328. ACM, New York (2008)

    Chapter  Google Scholar 

  21. Wei, J., Cihula, J., Wang, S.: Trusted Boot Sourceforge Project Website (2008), http://sourceforge.net/projects/tboot/

Download references

Author information

Authors and Affiliations

  1. Computing Laboratory, Oxford University, Wolfson Building, Parks Road, Oxford, OX1 3QD, UK

    John Lyle

Authors
  1. John Lyle
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hewlett Packard Labs, Filton Road, BS34 8QZ, Bristol, Stoke Gifford, UK

    Liqun Chen

  2. Information Security Group, Royal Holloway, University of London, TW20 0EX, Surrey, Egham, UK

    Chris J. Mitchell

  3. Oxford University Computing Laboratory, Wolfson Building, Parks Road, OX1 3QD, Oxford, UK

    Andrew Martin

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lyle, J. (2009). Trustable Remote Verification of Web Services. In: Chen, L., Mitchell, C.J., Martin, A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00587-9_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00587-9_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00586-2

  • Online ISBN: 978-3-642-00587-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation