The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

2006 IEEE Web Services Security Symposium

Download

Download PDF Document
PDF

Author

IEEE Web Services Security Symposium

Tech report number

CERIAS TR 2006-23

Entry type

techreport

Abstract

The 2006 IEEE Workshop on Web Services Security was held May 21, 2006, in Oakland, California, USA. The workshop provided a forum for the presentation, discussion, and dissemination of new results on security challenges presented by the Web Services. It was organized in conjunction with the 2006 IEEE Symposium on Security and Privacy. The program committee selected 6 papers for inclusion into the proceedings. Each submission was reviewed by at least 3 members of the Program Committee. The Program Committee meeting was held electronically. We would like to thank all the authors for submitting to WSSS. The one day workshop comprised of presentations, followed by discussions of the accepted papers. In addition to the research program, the workshop featured 2 invited talks and panel discussion.

Download

PDF

Date

2006 – 05 – 21

Booktitle

IEEE WSSS Proceedings

How published

Online

Key alpha

IEEE WSSS

Note

PAPERS IN THE TECHNICAL REPORT: 1. AMPol: Adaptive Messaging Policy, Raja N. Afandi, Jianqing Zhang, Munawar Haz, and Carl A. Gunter. University of Illinois at Urbana- Champaign, USA. 2. Enhancing Privacy in Identity Federation Anonymous Credentials Ensure Unlinkability in WS-Security, Jan Camenisch, Thomas Gross, and Dieter Sommer. IBM Zurich Research Laboratory, Switzerland. 3. Semantic-Aware Data Protection in Web Services, Csilla Farkas1, Amit Jain1, Duminda Wijesekera2, Anoop Singhal3, and Bhavani Thuraisingham4. 1 University of South Carolina, 2 George Mason Uni- versity, 3 National Institute of Standards and Technology, 4 University of Texas at Dallas, USA. 4. Authorization Strategies for Virtualized Environments in Grid Computing Systems, Xinming Ou, Anna Squicciarini, Sebastien Goasguen, and Elisa Bertino. Purdue University, USA. 5. Security Mechanisms for Data Intensive Systems, Periorellis P., Wu J., and Watson P. University of Newcastle Upon Tyne, UK. 6. SAML Artifact Information Flow Revisited, Thomas Gross and Birgit Pfitzmann. IBM Zurich Research Laboratory, Switzerland.

Publisher

CERIAS TECH REPORT

Publication Date

2006-05-21

Contents

INDEX OF PAPERS IN THE TECHNICAL REPORT: 1. AMPol: Adaptive Messaging Policy, Raja N. Afandi, Jianqing Zhang, Munawar Haz, and Carl A. Gunter. University of Illinois at Urbana- Champaign, USA. 2. Enhancing Privacy in Identity Federation Anonymous Credentials Ensure Unlinkability in WS-Security, Jan Camenisch, Thomas Gross, and Dieter Sommer. IBM Zurich Research Laboratory, Switzerland. 3. Semantic-Aware Data Protection in Web Services, Csilla Farkas1, Amit Jain1, Duminda Wijesekera2, Anoop Singhal3, and Bhavani Thuraisingham4. 1 University of South Carolina, 2 George Mason Uni- versity, 3 National Institute of Standards and Technology, 4 University of Texas at Dallas, USA. 4. Authorization Strategies for Virtualized Environments in Grid Computing Systems, Xinming Ou, Anna Squicciarini, Sebastien Goasguen, and Elisa Bertino. Purdue University, USA. 5. Security Mechanisms for Data Intensive Systems, Periorellis P., Wu J., and Watson P. University of Newcastle Upon Tyne, UK. 6. SAML Artifact Information Flow Revisited, Thomas Gross and Birgit Pfitzmann. IBM Zurich Research Laboratory, Switzerland.

Location

A hard-copy of this is in REC 216

Subject

Web Services Security: The advance of Web Services technologies promises to have far reaching effects on the Internet and enterprise networks. Web services based on eXtensible Markup Language (XML), Simple Object Access Protocol (SOAP) and related open standards in the area of Service Oriented Architectures (SOA) allow data and applications to interact without human intervention through dynamic and adhoc connections. However, the security challenges presented by the Web Services approach are formidable. Many of the features that make Web Services attractive are at odds with traditional security models and controls. This workshop will explore the challenges in the area of Web Services Security ranging from security issues in XML, SOAP and UDDI to higher level issues such as advanced metadata, general security policies and service assurance. Topics of interest included in the symposium were as follows: * Web services and GRID computing security * Authentication and authorization * Integrity and transaction management for Web Services * Use of Web Services in Trusted Computing Platform * Semantic aware Web Services security * Privacy and digital identity * Trust negotiation for Web Services * Secure web service composition and workflows

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.