Peter Berthold - Validating and Extending the Security Concepts of a Web Services based Infrastructure

Security can be a major concern when dealing with Web Services. This thesis examines methods and other suggestions for providing the protection goals authenticity, integrity and confidentiality in a Web Services-based infrastructure.

The introduction explains the terms and technologies required to understand this work: IT-security elements, the concept of service-oriented architectures (SOA), cryptographic basics and the technologies underlying Web Services (XML, SOAP, UDDI, WSDL). It also explains the evaluation criteria ITSEC and Common Criteria, which are used to assess IT security, and the techniques for securing XML and Web Service messages, and it gives an overview of the WS-* specifications, such as WS-Trust, WS-Policy and WS-SecureConversation, and of Java Micro Edition (Java ME).

This thesis focuses on SicAri, a Java-based platform for the secure, ubiquitous use of applications. Within a SicAri infrastructure, individual platforms are connected by Web Services, so users of one SicAri platform can use the services of remote platforms as if they were available locally. All users act within a security context, and policies enforce the security requirements of the platform. This thesis extends the platform's security concept, and existing modules have been replaced by new implementations. A Web Services-based authentication protocol has been designed that lets a user authenticate with username/password, a soft token or a smart card against a central service. Successful authentication yields a security token that serves as the user's proof of identity within SicAri. Similarly to a Kerberos ticket, this security token is used to implement single sign-on (SSO) within the SicAri infrastructure.
In addition, this thesis shows that mobile devices such as mobile phones and PDAs can be connected to the platform using Java ME and Web Services-based interfaces. Users can authenticate themselves to the platform with username/password or a soft token; the issued security token then lets them call services of the SicAri infrastructure without any further authentication. The thesis shows that the connection between a mobile phone and the Web Services offered by the platform can be secured with the SSL/TLS protocol. A comparison of Java ME with Java SE shows that the functionality of Java ME, in its CLDC and CDC configurations, is strongly reduced, but missing functions can often be added through optional APIs. The threat analysis in chapter 5 identifies the weak points of, and the attack vectors against, the implemented authentication mechanisms; it also discusses Web Service-specific threats such as WS-Interface Probing, XML denial of service and parameter attacks. Using different test scenarios, the thesis measures the efficiency of the Web Services-based authentication and of the SSO: the authentication's running time varies with the activated security options, while the current SSO implementation is extremely efficient and hardly delays response behavior.
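The token-based single sign-on described above, as an added illustration that is not code from the thesis or from SicAri: a central service checks a password and issues a signed token carrying the user's identity and an expiry, and a remote platform accepts that token without re-authenticating the user, while a tampered or expired token is rejected. The credential store, the shared HMAC key and the token layout are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import json
import os
import time

# Constructed sample credential store (salted SHA-256 hashes), not real users.
_SALT = b"constructed-salt"

def _hash_pw(password, salt):
    return hashlib.sha256(salt + password.encode()).hexdigest()

USERS = {"alice": _hash_pw("correct horse", _SALT)}

# Assumption: the central service and every platform that trusts it share this key.
TOKEN_KEY = os.urandom(32)

def authenticate(username, password, ttl=300):
    """Central authentication service: verify the password, issue a signed token."""
    expected = USERS.get(username)
    if expected is None or not hmac.compare_digest(expected, _hash_pw(password, _SALT)):
        return None
    now = int(time.time())
    claims = {"sub": username, "iat": now, "exp": now + ttl, "method": "password"}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    sig = hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"

def validate(token, now=None):
    """Remote platform: accept the token as proof of identity, no password round trip."""
    try:
        body, sig = token.split(".")
    except ValueError:
        return None                       # malformed token
    expected = hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return None                       # forged or tampered token
    claims = json.loads(base64.urlsafe_b64decode(body))
    if (now if now is not None else time.time()) >= claims["exp"]:
        return None                       # expired: the user must authenticate again
    return claims["sub"]

def call_remote_service(token):
    """A service on another platform, reached only with a valid SSO token."""
    user = validate(token)
    return f"hello {user}" if user else "access denied"
```

In a deployment the token would travel in the SOAP security header and be signed by the issuer rather than with a secret shared by all platforms; this block only shows the issue-then-validate flow.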