72 research outputs found

    Secure XML-based Network Management in a Multi-source Context

    Internal report. This paper presents a secure architecture for network management in an XML environment. It introduces a distributed access control mechanism based on RBAC directly integrated into XML network configuration documents. It also provides confidentiality and authentication to the protocol, both being deeply bound to the role concept of the RBAC model. It also uses an efficient key distribution mechanism based on multicast key management. A prototype implementing this security architecture is under development.

    XML security in XML data integrity, authentication, and confidentiality

    The wide application of XML has increasingly required high security. XML security confronts some challenges that are strongly related to its features. XML data integrity needs to protect element location information and context-referential meaning as well as data content integrity under fine-grained security situations. XML data authentication must satisfy a signing process under a dependent and independent multi-signature generation scenario. When several different sections are encrypted within the XML data, the encrypted contents cannot be queried without decrypting the encrypted portions. The technologies relating to XML security demand further development. This thesis aims to improve XML security-related technologies, and make them more practicable and secure. A novel revocation information validation approach for X.509 certificates is proposed based on the XML digital signature technology. This approach reduces the complexity of XKMS or PKI systems because it eliminates the requirement for additional revocation checking from XKMS or CA. The communication burden between server and client could be alleviated. The thesis presents the context-referential integrity for XML data. An integrity solution for XML data is also proposed based on the concatenated hash function. The integrity model proposed not only ensures XML data content integrity, but also protects the structure integrity and elements’ context relationship within XML data. If this model is integrated into XML signature technology, the signature cannot be copied to another document and still remain valid. A new series-parallel XML multi-signature scheme is proposed. The presented scheme is a mixed order specified XML multi-signature scheme according to a dependent and independent signing process. Using the presented XML data integrity-checking pool to provide integrity-checking for decomposed XML data, it makes signing XPath expressions practicable, rather than signing XML data itself. 
A new labeling scheme for encrypted XML data is presented to improve the efficiency of index information maintenance, which is applied to support encrypted XML data query processing. The proposed labelling scheme makes maintenance of index information more efficient, and makes it easy to update XML data while decreasing the number of affected nodes to the lowest. In order to protect structural information for encrypted XML data, the encrypted nodes are removed from the original XML data, and structural information is hidden. A case study is carried out to demonstrate how the proposed XML security-related approaches and schemes can be applied to satisfy fine-grained XML security in calibration certificate management. EThOS - Electronic Theses Online Service, GB, United Kingdo

    A SOAP-based Model for secure messaging in a global context

    For integration between application-systems in a global context, interoperability needs to be established on a global level; global interoperability, in turn, is based on a global common application-interface. This is achieved through resolving differences in, inter alia, protocol profiles, among participants in the global network. ebXML is used as the point of departure. A messaging framework, which is based on existing Web technology and standards, is proposed. Certain security and Web service standards are examined to determine specific parameters for an interoperable secure messaging environment. A security based framework comprising a predefined message format and architecture is investigated for a secure interoperable global electronic marketspace

    MementoMap: A Web Archive Profiling Framework for Efficient Memento Routing

    With the proliferation of public web archives, it is becoming more important to better profile their contents, both to understand their immense holdings as well as to support routing of requests in Memento aggregators. A memento is a past version of a web page and a Memento aggregator is a tool or service that aggregates mementos from many different web archives. To save resources, the Memento aggregator should only poll the archives that are likely to have a copy of the requested Uniform Resource Identifier (URI). Using the Crawler Index (CDX), we generate profiles of the archives that summarize their holdings and use them to inform routing of the Memento aggregator’s URI requests. Additionally, we use full text search (when available) or sample URI lookups to build an understanding of an archive’s holdings. Previous work in profiling ranged from using full URIs (no false positives, but with large profiles) to using only top-level domains (TLDs) (smaller profiles, but with many false positives). This work explores strategies in between these two extremes. For evaluation we used CDX files from Archive-It, UK Web Archive, Stanford Web Archive Portal, and Arquivo.pt. Moreover, we used web server access log files from the Internet Archive’s Wayback Machine, UK Web Archive, Arquivo.pt, LANL’s Memento Proxy, and ODU’s MemGator Server. In addition, we utilized a historical dataset of URIs from DMOZ. In early experiments with various URI-based static profiling policies we successfully identified about 78% of the URIs that were not present in the archive with less than 1% relative cost as compared to the complete knowledge profile and 94% of the URIs with less than 10% relative cost without any false negatives. In another experiment we found that we can correctly route 80% of the requests while maintaining about 0.9 recall by discovering only 10% of the archive holdings and generating a profile that costs less than 1% of the complete knowledge profile. 
We created MementoMap, a framework that allows web archives and third parties to express holdings and/or voids of an archive of any size with varying levels of details to fulfil various application needs. Our archive profiling framework enables tools and services to predict and rank archives where mementos of a requested URI are likely to be present. In static profiling policies we predefined the maximum depth of host and path segments of URIs for each policy that are used as URI keys. This gave us a good baseline for evaluation, but was not suitable for merging profiles with different policies. Later, we introduced a more flexible means to represent URI keys that uses wildcard characters to indicate whether a URI key was truncated. Moreover, we developed an algorithm to rollup URI keys dynamically at arbitrary depths when sufficient archiving activity is detected under certain URI prefixes. In an experiment with dynamic profiling of archival holdings we found that a MementoMap of less than 1.5% relative cost can correctly identify the presence or absence of 60% of the lookup URIs in the corresponding archive without any false negatives (i.e., 100% recall). In addition, we separately evaluated archival voids based on the most frequently accessed resources in the access log and found that we could have avoided more than 8% of the false positives without introducing any false negatives. We defined a routing score that can be used for Memento routing. Using a cut-off threshold technique on our routing score we achieved over 96% accuracy if we accept about 89% recall and for a recall of 99% we managed to get about 68% accuracy, which translates to about 72% saving in wasted lookup requests in our Memento aggregator. 
Moreover, when using top-k archives based on our routing score for routing and choosing only the topmost archive, we missed only about 8% of the sample URIs that are present in at least one archive, but when we selected top-2 archives, we missed less than 2% of these URIs. We also evaluated a machine learning-based routing approach, which resulted in an overall better accuracy, but poorer recall due to low prevalence of the sample lookup URI dataset in different web archives. We contributed various algorithms, such as a space and time efficient approach to ingest large lists of URIs to generate MementoMaps and a Random Searcher Model to discover samples of holdings of web archives. We contributed numerous tools to support various aspects of web archiving and replay, such as MemGator (a Memento aggregator), InterPlanetary Wayback (a novel archival replay system), Reconstructive (a client-side request rerouting ServiceWorker), and AccessLog Parser. Moreover, this work yielded a file format specification draft called Unified Key Value Store (UKVS) that we use for serialization and dissemination of MementoMaps. It is a flexible and extensible file format that allows easy interactions with Unix text processing tools. UKVS can be used in many applications beyond MementoMaps.

    XML Messaging for Mobile Devices

    In recent years, XML has been widely adopted as a universal format for structured data. A variety of XML-based systems have emerged, most prominently SOAP for Web services, XMPP for instant messaging, and RSS and Atom for content syndication. This popularity is helped by the excellent support for XML processing in many programming languages and by the variety of XML-based technologies for more complex needs of applications. Concurrently with this rise of XML, there has also been a qualitative expansion of the Internet's scope. Namely, mobile devices are becoming capable enough to be full-fledged members of various distributed systems. Such devices are battery-powered, their network connections are based on wireless technologies, and their processing capabilities are typically much lower than those of stationary computers. This dissertation presents work performed to try to reconcile these two developments. XML as a highly redundant text-based format is not obviously suitable for mobile devices that need to avoid extraneous processing and communication. Furthermore, the protocols and systems commonly used in XML messaging are often designed for fixed networks and may make assumptions that do not hold in wireless environments. This work identifies four areas of improvement in XML messaging systems: the programming interfaces to the system itself and to XML processing, the serialization format used for the messages, and the protocol used to transmit the messages. We show a complete system that improves the overall performance of XML messaging through consideration of these areas. The work is centered on actually implementing the proposals in a form usable on real mobile devices. The experimentation is performed on actual devices and real networks using the messaging system implemented as a part of this work. 
The experimentation is extensive and, due to using several different devices, also provides a glimpse of what the performance of these systems may look like in the future. The number of mobile phones and other mobile devices has grown very rapidly in recent years. The small size of the devices, the programming capabilities they offer, and wireless network connections make it possible to use Internet and other network applications everywhere. However, the limited operating time due to the battery, weak processing power, and the power and time required by network use act as clear constraints on what mobile devices can do, and so that the mobile world is not left entirely outside the future Internet, its special characteristics must be taken into account in the design of systems and applications. In future network applications, direct communication between terminal devices is expected to be a central part of an application's operation. On today's Internet, such communication increasingly uses XML, which, thanks to its extensibility and ease of use, reduces the application developer's burden. The problems of XML, however, are the large data transfer and processing times it requires, which have been an obstacle to the wide use of XML in mobile environments. The dissertation studies the basic prerequisites of XML-based device-to-device communication on mobile devices in wireless networks. The central research topics are a compact and efficiently processable XML representation, programming interfaces better suited to XML processing, and messaging protocols for the mobile environment. The result of the work is an XML-based messaging system designed for mobile devices, which is usable as such as a foundation for network applications. Comprehensive measurements have been performed on the system, which demonstrate its suitability for its intended purpose. 
The analysis of the results also takes into account how the system's various features suit each environment supported by mobile devices, and examines what the performance of future mobile devices might look like.

    A cache framework for nomadic clients of web services

    This research explores the problems associated with caching of SOAP Web Service request/response pairs, and presents a domain independent framework enabling transparent caching of Web Service requests for mobile clients. The framework intercepts method calls intended for the web service and proceeds by buffering and caching of the outgoing method call and the inbound responses. This enables a mobile application to seamlessly use Web Services by masking fluctuations in network conditions. This framework addresses two main issues, firstly how to enrich the WS standards to enable caching and secondly how to maintain consistency for state dependent Web Service request/response pairs

    XAdES4J: a java library for XAdES signature services

    Electronic communications are increasingly the medium of choice for business between entities and for relations between citizens and the State (e-government). This diversity of transactions often involves sensitive information with possible legal value. In this context, electronic signatures are an important basis of trust, providing guarantees of integrity and authentication between the parties involved. Producing a digital signature results not only in the signature value itself, but also in a set of additional information about it, such as the signature algorithm, the validation certificate, or the time and place of production. In a heterogeneous scenario such as the one described above, a flexible and interoperable way of describing this kind of information becomes necessary. XML is a suitable way to represent a signature in this context, not only because of its structured nature, but mainly because it is text-based and widely supported. The XML Signature Syntax and Processing recommendation (or simply XML Signature) was the first step in representing signatures in XML. It defines syntax and processing rules for creating, representing and validating digital signatures. XML signatures can be applied to any kind of digital content identifiable by a URI, whether in the same XML document as the signature or at any other location. In addition, the same XML signature can cover several resources, even of different types (free text, images, XML, etc.). As electronic signatures gained relevance, it became evident that the XML Signature specification was not sufficient, namely because it gives no guarantees of long-term validity or of non-repudiation. 
This situation was aggravated by the fact that the specification does not meet the requirements of European Union Directive 1999/93/EC, which establishes a legal framework for electronic signatures at Community level. Following this European Union directive, the XML Advanced Electronic Signatures specification was developed; it defines XML formats and processing rules for electronic signatures that are non-repudiable and whose validity can be verified over extended periods of time, in compliance with the directive. This specification extends the XML Signature recommendation, defining new elements that contain additional information about the signature and the signed resources (qualifying properties). Since version 1.6, the Java platform has included a high-level API for XML digital signature services, in accordance with the XML Signature recommendation. However, there is no support for advanced signatures. This project aims to develop a Java library for creating and validating XAdES signatures, thus filling the existing gap in the platform. The library developed offers an interface with a high level of abstraction, so the programmer does not have to deal directly with the XML structure of the signature or with the details of the content of the qualifying properties. Types are defined that represent the main concepts of the signature, namely the qualifying properties and the signed resources, with the structural aspects handled internally. In this work, the information that makes up a XAdES signature is divided into two groups: the first consists of characteristics of the signer and of the signature, such as the key and the signature's qualifying properties. The second group consists of the signed resources and the corresponding qualifying properties. When a signer produces several signatures in a given context, the first group of characteristics will be similar among them. 
The invariant set of characteristics of the signature and of the signer was defined as the signature profile. The concept is extended to signature verification, encompassing, in that case, the information to be used in that process, such as the root certificates the verifier trusts. From another perspective, a profile constitutes a configuration of the corresponding signature service. The design and implementation of the library are also based on the concept of a service provider. A service provider is an entity that makes available certain information or services needed for producing and verifying signatures, namely: selection of the signing key/certificate, certificate validation, interaction with time-stamp servers, and XML generation. Instead of depending directly on the information in question, a profile (and, consequently, the corresponding operation) is configured with service providers that are invoked when needed. An interface is defined for each type of service provider, and the corresponding implementations can be configured independently. The library includes implementations of all the service providers, some of which are used by default in producing and verifying signatures. Since the focus of the project is the XAdES specification, the processing and structure relating to the basic format are delegated internally to the Apache XML Security library, which provides an implementation of the XML Signature recommendation. To validate the operation of the library, namely in terms of interoperability, a set of signatures produced by Member States of the European Union, as well as by another implementation of the XAdES specification, is verified, among other things.