Checking the security of web services configurations

US 20050268326A1
Filed: 12/29/2004
Published: 12/01/2005
Est. Priority Date: 05/04/2004
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method comprising:

translating detailed security policies into a model, the detailed security policies being enforced during exchange of messages between one or more endpoints, the one or more endpoints hosting respective principals networked in a distributed operating environment; and

evaluating the model to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for checking security goals of a distributed system are described. In one aspect, detailed security policies are converted into a model. The detailed security policies are enforced during exchange of messages between one or more endpoints. The one or more endpoints host respective principals networked in a distributed operating environment. The model is evaluated to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.

71 Citations

View as Search Results

20 Claims

1. A computer-implemented method comprising:
- translating detailed security policies into a model, the detailed security policies being enforced during exchange of messages between one or more endpoints, the one or more endpoints hosting respective principals networked in a distributed operating environment; and
  
  evaluating the model to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A computer-implemented method as recited in claim 1, where the detailed security policies are specified in configuration data for the one or more endpoints.
  - 3. A computer-implemented method as recited in claim 1, wherein the detailed security policies indicate one or more of the following:
    - a trust relationship between endpoints, a service supported by an endpoint of the one or more endpoints, an action supported by an endpoint of the one or more endpoints.
  - 4. A computer-implemented method as recited in claim 1, wherein the model further comprises using a calculus of concurrent processes to represent the one or more endpoints.
  - 5. A computer-implemented method as recited in claim 1, wherein the model further comprises using logical predicates to represent message filtering and processing.
  - 6. A computer-implemented method as recited in claim 1, wherein the model further comprises a formal specification of the one or more security goals stated in link description associated with the one or more endpoints.
  - 7. A computer-implemented method as recited in claim 1, wherein the detailed security policies are specified with declarative data comprising logical formula(s) over base assertion(s).
  - 8. A computer-implemented method as recited in claim 1, wherein the one or more endpoints are multiple endpoints comprising a client and a server.
  - 9. A computer-implemented method as recited in claim 1, wherein a security goal of the one or more security goals is directed to secrecy or integrity of at least a subset of content associated with the messages.
  - 10. A computer-implemented method as recited in claim 1, wherein evaluating the model comprises automatically determining whether an endpoint of the one or more endpoints is vulnerable to rewriting attacks on exchanged messages.
  - 11. A computer-implemented method as recited in claim 1:
    - wherein translating, a subset of information associated with the detailed security policies is not available to create the model; and
      
      wherein evaluating the model further comprises automatically simulating the subset to determine if the one or more security goals of the at least one endpoint are enforced independently of the subset of information.
  - 12. A computer-implemented method as recited in claim 1, further comprising:
    - determining that the detailed security policies have been modified;
      
      responsive to the determining, evaluating the model to determine if the detailed security policies as modified enforce security goal(s) of the one or more endpoints; and
      
      enforcing the detailed security policies as modified only if the security goal(s) are met.

13. A computer-readable medium comprising computer-program instructions executable by a processor for:
- converting detailed security policies into a model, the detailed security policies being enforced during exchange of messages between one or more endpoints, the one or more endpoints hosting respective principals networked in a distributed operating environment; and
  
  evaluating the model to determine if the detailed security policies enforce one or more security goals of at least one of the one or more endpoints.
- View Dependent Claims (14, 15, 16, 17)
- - 14. A computer-readable medium as recited in claim 13, wherein the detailed security policies indicate one or more of the following:
    - a trust relationship between endpoints, a service supported by an endpoint of the one or more endpoints, an action supported by an endpoint of the one or more endpoints.
  - 15. A computer-readable medium as recited in claim 13, wherein the one or more endpoints are multiple endpoints comprising a client and a server.
  - 16. A computer-readable medium as recited in claim 13:
    - wherein the computer-program instructions for translating, a subset of information associated with the detailed security policies is not available to create the model; and
      
      wherein the computer-program instructions for evaluating the model further comprise instructions for automatically simulating the subset to determine if the one or more security goals of the at least one endpoint are enforced independently of the subset of information.
  - 17. A computer-readable medium as recited in claim 13, further comprising computer-program instructions executable by the processor for:
    - determining that the detailed security policies have been modified;
      
      responsive to the determining, evaluating the model to determine if the detailed security policies as modified enforces security goal(s) of the one or more endpoints; and
      
      enforcing the detailed security policies as modified only if the security goal(s) are met.

18. A computer-implemented method comprising:
- querying detailed security policies with one or more of a schema checking or identifier scoping query, an endpoint configuration setting query, a policy dispatch query, an individual policy query, a policy compatibility query, or a custom query, the security policies associated with exchange of message(s) between one or more endpoints hosting respective principals networked in a distributed operating environment; and
  
  responsive to the querying, generating a positive or a negative security report.
- View Dependent Claims (19, 20)
- - 19. A computer-implemented method as recited in claim 18, wherein the detailed security policies are in a configuration file or an object model.
  - 20. A computer-implemented method as recited in claim 18:
    - wherein the positive report comprises one or more of a description of endpoints and actions being assigned a policy, an indication of signed or encrypted parts of messages in traces, a positive statement of an agreement between sender and receiver after a message is accepted, and an indication of any non-standard header occurring in a message trace;
      
      wherein the negative report comprises one or more of an indication of a failure to sign or check a certain message header, a failure to correlate messages, a typo, and advice on how to correct a vulnerability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Pucella, Riccardo, Kaler, Christopher G., Fournet, Cedric, Bhargavan, Karthikeyan, Gordon, Andrew Donald

Application Number

US11/025,488
Publication Number

US 20050268326A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

H04L 63/102   Entity profiles

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

Checking the security of web services configurations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

71 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Checking the security of web services configurations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links