|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
2008 IEEE International Conference on Services Computing Vol. 1
A Secure Information Flow Architecture for Web Services
July 07-July 11
ISBN: 978-0-7695-3283-7
| ASCII Text | x | ||
| Lenin Singaravelu, Jinpeng Wei, Calton Pu, "A Secure Information Flow Architecture for Web Services," 2012 SC Companion: High Performance Computing, Networking Storage and Analysis, vol. 1, pp. 182-189, 2008 IEEE International Conference on Services Computing Vol. 1, 2008. | |||
| BibTex | x | ||
| @article{ 10.1109/SCC.2008.121, author = {Lenin Singaravelu and Jinpeng Wei and Calton Pu}, title = {A Secure Information Flow Architecture for Web Services}, journal ={2012 SC Companion: High Performance Computing, Networking Storage and Analysis}, volume = {1}, year = {2008}, isbn = {978-0-7695-3283-7}, pages = {182-189}, doi = {http://doi.ieeecomputersociety.org/10.1109/SCC.2008.121}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - CONF JO - 2012 SC Companion: High Performance Computing, Networking Storage and Analysis TI - A Secure Information Flow Architecture for Web Services SN - 978-0-7695-3283-7 SP182 EP189 A1 - Lenin Singaravelu, A1 - Jinpeng Wei, A1 - Calton Pu, PY - 2008 KW - null VL - 1 JA - 2012 SC Companion: High Performance Computing, Networking Storage and Analysis ER - | |||
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SCC.2008.121
Current web service platforms (WSPs) often perform all web services-related processing, including security-sensitive information handling, in the same protection domain. Consequently, the entire WSP may have access to security-sensitive information such as credit card numbers, forcing us to trust a large and complex piece of software. To address this problem, we propose ISO-WSP, a new information flow architecture that decomposes current WSPs into two parts executing in separate protection domains: (1) a small trusted T-WSP to handle security-sensitive data, and (2) a large, legacy untrusted U-WSP that provides the normal WSP functionality, but uses the T-WSP for security-sensitive data handling. By restricting security-sensitive data access to T-WSP, ISO-WSP reduces the software complexity of trusted code, thereby improving the testability of ISO-WSP. Using a prototype implementation based on the Apache Axis2 WSP, we show that ISO-WSP reduces software complexity of trusted components by a factor of five, while incurring a modest performance overhead of few milliseconds per request.
Citation:
Lenin Singaravelu, Jinpeng Wei, Calton Pu, "A Secure Information Flow Architecture for Web Services," scc, vol. 1, pp.182-189, 2008 IEEE International Conference on Services Computing Vol. 1, 2008
Usage of this product signifies your acceptance of the Terms of Use.