A Fair Non-repudiation Service in a Web Services Peer-to-Peer Environment

Berthold Agreiter, Michael Hafner, Ruth Breu

2007

Abstract

“Non-repudiation”, a well known concept in security engineering, provides measures to ensure that participants in a communication process cannot later on deny of having participated in it. Such a concept is even more important in service oriented architectures (e.g. electronic billing). However, there is no sophisticated standard implementing fair Non-repudiation in such an environment. In this paper, we will introduce a framework providing fair Non-repudiation for Web service messages. It executes a previously specified protocol using Web services technology itself, but completely hides the protocol execution from the target Web services. To allow the integration of such security requirements already in an early phase of development, a model-driven configuration approach is used. Furthermore, the procedure is not tied to Non-repudiation protocols only, which means that a broad range of protocols can be integrated in a similar way. The framework presented in this paper leverages existing standards and protocols for an efficient adoption in service oriented architectures.

References

  1. Hafner, M., M.M. Alam, and R. Breu. Towards a MOF/QVT-based Domain Architecture for Model Driven Security. in Models 2006. 2006. Genova, Italy.
  2. Hafner, M., et al. Realizing Advanced Security Requirements for Inter-organizational Workflows. in eChallenges 2006. 2006. Bacelona, Spain.
  3. Hafner, M., et al. Sectet - An Extensible Framework for the Realization of Secure InterOrganizational Workflows. in WOSIS 2006. 2006. Paphos, Cyprus: INSTICC Press.
  4. Bartel, M., et al. XML-Signature Syntax and Processing. 2002 [cited 2007 19.01.]; Available from: http://www.w3.org/TR/xmldsig-core/.
  5. SOAP Version 1.2 Part 1: Messaging Framework. 2003 [cited 2007 19.01.]; Available from: http://www.w3.org/TR/soap/.
  6. Hada, S. SOAP security extensions: digital signature. 2001 [cited 2007 18.01.]; Available from: http://www-128.ibm.com/developerworks/library/ws-soapsec/.
  7. Freier, A., P. Karlton, and P. Kocher, The SSL Protocol Version 3.0. 1996.
  8. Gravengaard, E., Web Services Security: Non-Repudiation. 2003.
  9. Zhou, J. and D. Gollmann, A Fair Non-repudiation Protocol. 1995: University of London, Royal Holloway, Department of Computer Science.
  10. Markowitch, O. and Y. Roggeman, Probabilistic non-repudiation without trusted third party. Second Conference on Security in Communication Networks, 1999. 99.
  11. Kremer, S., O. Markowitch, and J. Zhou, An intensive survey of fair non-repudiation protocols. Computer Communications, 2002. 25(17): p. 1606-1621.
  12. Graham, S., et al. Web Services Resource 1.2. 2006 [cited 2007 19.01.]; Available from: http://docs.oasis-open.org/wsrf/wsrf-ws_resource-1.2-spec-os.pdf.
Download


Paper Citation


in Harvard Style

Agreiter B., Hafner M. and Breu R. (2007). A Fair Non-repudiation Service in a Web Services Peer-to-Peer Environment . In Proceedings of the 5th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2007) ISBN 978-972-8865-96-2, pages 63-72. DOI: 10.5220/0002415500630072


in Bibtex Style

@conference{wosis07,
author={Berthold Agreiter and Michael Hafner and Ruth Breu},
title={A Fair Non-repudiation Service in a Web Services Peer-to-Peer Environment},
booktitle={Proceedings of the 5th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2007)},
year={2007},
pages={63-72},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002415500630072},
isbn={978-972-8865-96-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2007)
TI - A Fair Non-repudiation Service in a Web Services Peer-to-Peer Environment
SN - 978-972-8865-96-2
AU - Agreiter B.
AU - Hafner M.
AU - Breu R.
PY - 2007
SP - 63
EP - 72
DO - 10.5220/0002415500630072