CSCI B629 (Topics in Programming Languages: Semantics/Security of Web Services)

Instructor

Office: LH 230C

Phone: 5-3668

Office hours: M 10-11, R 10-12, and by appointment

Your grade is based on regular assignments, in-class presentations, and a final project.

See also the web pages of the IU Extreme! lab for papers describing local research projects related to web services and security.

T. Barclay, J. Gray, E. Strand, S. Ekblad, and J. Richter. TerraService.NET: An introduction to web services. Technical Report MS-TR-2003-53, Microsoft Research, June 2002.
W. Vogels. Web services are not distributed objects. IEEE Internet Computing, 7(6):59-66, 2003. A version is available at http://weblogs.cs.cornell.edu/AllThingsDistributed/archives/000343.html
J. Simeon and P. Wadler. The essence of XML. ACM Symposium on Principles of Programming Languages, 1-13, 2003.
D. Box, D. Ehnebuske, G. Kakivaya, A. Layman, N. Mendelsohn, H. Nielsen, S. Thatte, D. Winder. Simple Object Access Protocol (SOAP) 1.1. W3C Note 08 May 2000.
D. Box. A brief history of SOAP. At http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html
E. Christensen, F. Curbera, G. Meredith, S. Weerawarana. Web Services Description Language (WSDL) 1.1. W3C Note 15 March 2001.

B. Atkinson, G. Della-Libera, S. Hada, M. Hondo, P. Hallam-Baker, C. Kaler, J. Klein, B. LaMacchia, P. Leach, J. Manferdelli, H. Maruyama, A. Nadalin, N. Nagaratnam, H. Prafullchandra, J. Shewchuk, D. Simon. Web Services Security (WS-Security).
Web Services Secure Conversation Language (WS-SecureConversation)
Web Services Trust Language (WS-Trust)
M. Abadi and A. D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148:1-70, 1999.
Computer Security: Art and Science. Matt Bishop. Addison Wesley Professional, 2003. ISBN 0-201-44099-7.
Online resources:

J. E. Johnson, D. E. Langworthy, L. Lamport, and F. H. Vogt. Formal specification of a web services protocol. International Workshop on Web Services and Formal Methods, 2004.
K. Bhargavan, C. Fournet, A. D. Gordon, and R. Pucella. TulaFale: A security tool for web services. In Formal Methods for Components and Objects (FMCO 2003), Springer LNCS 3188:197-222, 2004.
K. Bhargavan, C. Fournet, and A. D. Gordon. A semantics for web services authentication. ACM Symposium on Principles of Programming Languages, 198-209, 2004. Extended version: Technical Report MSR-TR-2003-83, Microsoft Research, February 2004.
K. Bhargavan, R. Corin, C. Fournet, and A. D. Gordon. Secure sessions for web services. ACM Workshop on Secure Web Services (SWS 2004), 2004.
A. D. Gordon and R. Pucella. Validating a web service security abstraction by typing. ACM Workshop on XML Security, 18-29, 2002. Extended version: Technical Report MSR-TR-2002-108, Microsoft Research, December 2002.