Abstract
Choreography, orchestration and dynamic invocation allow new web services to be composed from existing ones. However, these compositions create service interdependencies that can be misused for financial fraud and other illegal purposes. When a misuse is reported, investigators have to navigate through collections of logs to recreate the invocation scenario in order to evaluate the misuse claims. We propose the creation of forensic web services that can securely maintain transaction records between web services. An independent entity could use the stored records to reproduce the complete transaction history when investigating a misuse claim.
© 2008 IFIP International Federation for Information Processing
Cite this paper
Gunestas, M., Wijesekera, D., Singhal, A. (2008). Forensic Web Services. In: Ray, I., Shenoi, S. (eds) Advances in Digital Forensics IV. DigitalForensics 2008. IFIP — The International Federation for Information Processing, vol 285. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-84927-0_14
DOI: https://doi.org/10.1007/978-0-387-84927-0_14
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-84926-3
Online ISBN: 978-0-387-84927-0