Instructor
Amr Sabry
Office: LH 230C
Phone: 5-3668
Email: sabry ... cs indiana edu
Office hours: M 10-11, R 10-12, and by appointment
Grades
Your grade is based on regular assignments, in-class presentations, and a
final project.
Preliminary List of Papers
See also the web
pages of the IU Extreme! lab for papers describing local research
projects related to web services and security.
Background: Web Services
- T. Barclay, J. Gray, E. Strand, S. Ekblad, and
J. Richter. TerraService.NET: An introduction to web services. Technical
Report MS-TR-2003-53, Microsoft Research, June 2002.
- W. Vogels. Web services are not distributed objects. IEEE Internet
Computing, 7(6):59-66, 2003. A version is available at http://weblogs.cs.cornell.edu/AllThingsDistributed/archives/000343.html
- J. Simeon and P. Wadler. The essence of XML. ACM
Symposium on Principles of Programming Languages, 1-13, 2003.
- D. Box, D. Ehnebuske, G. Kakivaya, A. Layman, N. Mendelsohn,
H. Nielsen, S. Thatte, D. Winder. Simple Object Access Protocol (SOAP)
1.1. W3C Note 08 May 2000.
- D. Box. A brief history of SOAP. At http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html
- E. Christensen, F. Curbera, G. Meredith, S. Weerawarana. Web Services
Description Language (WSDL) 1.1. W3C Note 15 March 2001.
Background: Security
- B. Atkinson, G. Della-Libera, S. Hada, M. Hondo, P. Hallam-Baker,
C. Kaler, J. Klein, B. LaMacchia, P. Leach, J. Manferdelli, H. Maruyama,
A. Nadalin, N. Nagaratnam, H. Prafullchandra, J. Shewchuk, D. Simon. Web
Services Security (WS-Security).
- Web
Services Secure Conversation Language (WS-SecureConversation)
- Web
Services Trust Language (WS-Trust)
- M. Abadi and A. D. Gordon. A calculus for cryptographic protocols: The
spi calculus. Information and Computation, 148:1-70, 1999.
- Computer Security: Art and Science. Matt Bishop. Addison Wesley
Professional, 2003. ISBN 0-201-44099-7.
- Online resources:
Advanced Papers
- J. E. Johnson, D. E. Langworthy, L. Lamport, and F. H. Vogt. Formal
specification of a web services protocol. International Workshop on Web
Services and Formal Methods, 2004.
- K. Bhargavan, C. Fournet, A. D. Gordon, and R. Pucella. TulaFale: A
security tool for web services. In Formal Methods for Components and Objects
(FMCO 2003), Springer LNCS 3188:197-222, 2004.
- K. Bhargavan, C. Fournet, and A. D. Gordon. A semantics for web services
authentication. ACM Symposium on Principles of Programming Languages,
198-209, 2004. Extended version: Technical Report MSR-TR-2003-83, Microsoft
Research, February 2004.
- K. Bhargavan, R. Corin, C. Fournet, and A. D. Gordon. Secure sessions
for web services. ACM Workshop on Secure Web Services (SWS 2004), 2004.
- A. D. Gordon and R. Pucella. Validating a web service security
abstraction by typing. ACM Workshop on XML Security, 18-29, 2002. Extended
version: Technical Report MSR-TR-2002-108, Microsoft Research, December 2002.
sabry ... cs indiana edu