ws4 dsec talk @ kickoff rs3
DESCRIPTION
TRANSCRIPT
![Page 1: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/1.jpg)
WS4Dsec
2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Reliably Secure Web Services for Devices
1
www. .org
Andreas Lehmann, Stefan Pfeiffer, Frank Golatowski, Dirk Timmermann, Karsten Wolf
![Page 2: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/2.jpg)
2/21/11
Prof. Dirk Timmermann
Prof. Karsten Wolf
Electrical Engineering
Computer Science
www. .org
Joint Interdisciplinary Research Project
2© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 3: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/3.jpg)
2/21/11 3
search register
Interaction between business entities
communicate
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Service Oriented Architecture (SOA)
![Page 4: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/4.jpg)
2/21/11 4
UDDI
Consumer Web Service
search register
communicate
WSDL
XML
SOAP
query language:defined by UDDI
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
WS-BPEL WS-BPEL
Web Service Technology
Interaction between technical entities
driven by >50 industry standards
![Page 5: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/5.jpg)
2/21/11 52/21/11
Group Wolf – Computer Science
We provide tools & formal methods for analysis of systems and synthesis of services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Andreas Lehmann
Service
WS-BPEL–
Formal Model
Service Service
Service
?
verification
diagnosis
validation
![Page 6: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/6.jpg)
2/21/11 62/21/11
Group Wolf – Computer Science
We provide tools & formal methods for analysis of systems and synthesis of services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Andreas Lehmann
Service
WS-BPEL–
Formal Model
Service Service
Service
?
verification
diagnosis
validation
asynchronoushardware circuits
business processes
others...
AI planning
biochemical reactions
![Page 7: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/7.jpg)
2/21/11 72/21/11
Group Wolf – Computer Science
We provide tools & formal methods for analysis of systems and synthesis of services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Andreas Lehmann Service ?
Service
Service ? Service
Specification
ImplementationTestTest
Test
partner synthesis
adapter synthesis
corrections
test case generation
![Page 8: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/8.jpg)
2/21/11 82/21/11
Group Wolf – Computer Science
We provide tools & formal methods for analysis of systems and synthesis of services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Andreas Lehmann
Formal Model–
WS-BPEL
Service ?
Service
Service ? Service
Specification
ImplementationTestTestTest
partner synthesis
adapter synthesis
corrections
test case generation
![Page 9: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/9.jpg)
2/21/11 92/21/11
Group Wolf – Computer Science
We provide tools & formal methods for analysis of systems and synthesis of services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Andreas Lehmann
![Page 10: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/10.jpg)
2/21/11 10
refrigerator
picture frame
clock
coffee machine
electricity meter
mobile phones
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
More intelligent devices
![Page 11: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/11.jpg)
2/21/11 11© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
More communication between devices
![Page 12: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/12.jpg)
Web Service Technology to Devices ?
Static Configuration
Central Directory
Resource Hungry
2/21/11 12
Dynamic Configuration
No Central Directory
Resource Constrained
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 13: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/13.jpg)
• Standardized by the WS-DD technical committee
• Apply the Web Services technology to the domain of embedded systems
• Is already integrated by Microsoft and Windows Vista.
2/21/11 13
DPWS – Devices Profile for Web Services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 14: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/14.jpg)
Directory
2/21/11 14
Devices Profile for Web Services
Consumer Device / Web Service
search announce
communicate
WSDL
XML
SOAP
defined by WS-Discovery
WS-Discovery
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 15: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/15.jpg)
2/21/11 15
Sensor NetworksEmbedded SystemsEnterprise Systems
uDPWSgSOAPAxis2
DPWS Protocol Stack Implementation
Enable Web Service Technology on Devices
Compatibility to Enterprise Web Services
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
--> -->
![Page 16: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/16.jpg)
Stefan Pfeiffer
We bring Service-Oriented Architecture and Web Services technology to devices
Wireless Sensor
Networks
EnterpriseSystems
Embedded Systems
Group Timmermann – Electrical Engineering
2/21/11 16© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 17: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/17.jpg)
• Involved in the WS-DD technical committee together with e.g.
• Participation on Standardization of DPWS
We bring Service-Oriented Architecture and Web Services technology to devices
Wireless Sensor
Networks
EnterpriseSystems
Embedded Systems
2/21/11 17© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Stefan Pfeiffer
Group Timmermann – Electrical Engineering
![Page 18: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/18.jpg)
• Involved in the WS-DD technical committee together with e.g.
• Participation on Standardization of DPWS
• WS4D.org initiative
We bring Service-Oriented Architecture and Web Services technology to devices
Wireless Sensor
Networks
EnterpriseSystems
Embedded Systems
2/21/11 18© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Stefan Pfeiffer
Group Timmermann – Electrical Engineering
![Page 19: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/19.jpg)
• Involved in the WS-DD technical committee together with e.g.
• Participation on Standardization of DPWS
• WS4D.org initiative
• WS-BPEL extension BPEL4D
We bring Service-Oriented Architecture and Web Services technology to devices
Wireless Sensor
Networks
EnterpriseSystems
Embedded Systems
2/21/11 19© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Stefan Pfeiffer
Group Timmermann – Electrical Engineering
![Page 20: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/20.jpg)
• Involved in the WS-DD technical committee together with e.g.
• Participation on Standardization of DPWS
• WS4D.org initiative
• WS-BPEL extension BPEL4D
• Cross Domain Solutions
We bring Service-Oriented Architecture and Web Services technology to devices
Wireless Sensor
Networks
EnterpriseSystems
Embedded Systems
Industrial
Automotive
Tele-communication
Home
Medical
2/21/11 20© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Stefan Pfeiffer
Group Timmermann – Electrical Engineering
![Page 21: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/21.jpg)
2/21/11 21
The Internet of Things
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 22: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/22.jpg)
2/21/11 22
The Internet of Things
Security ?
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
![Page 23: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/23.jpg)
Security in DPWS
2/21/11 23
RSA
RC4AES
SHA
2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Encryption + Transport Level Security
Encryption U
Security
X.509v3
![Page 24: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/24.jpg)
Security in DPWS
2/21/11 24
Challenges:
• Central Authority may not be available
2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Challenges
![Page 25: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/25.jpg)
Security in DPWS
2/21/11 25
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
S. Unger,Sichere Service Schnittstellen für vernetzte Automotive
ApplikationenUniversität Rostock© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Challenges
![Page 26: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/26.jpg)
Moteiv TelosB Wireless Sensor Node
CPU: 8 MHz TI MSP430 µC RAM: 10 kByteFlash: 48 kByte
Security in DPWS
2/21/11 26
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
• Restricted Memory (Ressource)
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Christian LercheuDPWS – Introduction
http://code.google.com/p/udpws/wiki/Introduction
Challenges
![Page 27: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/27.jpg)
Energy Consumption for Message Signing
Ener
gy C
onsu
mpt
ion
in m
J
0,0
750,0
1500,0
2250,0
3000,0
RSA_1024 RSA_2048 ECC_160 ECC_224
Security in DPWS
2/21/11 27
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
• Restricted Memory (Ressource)
• Power Consumption
A. S. Wander, N. Gura, H. Eberle, V. Gupta, Sh. Ch. Shantz,“Energy analysis of public-key cryptography for wireless sensor
networks”, 2005© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Challenges
![Page 28: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/28.jpg)
Security in DPWS
2/21/11 28
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
• Restricted Memory (Ressource)
• Power Consumption
• Granularity of Security Concepts
Transport Level Security
Message Level Security
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Challenges
Message
-->
![Page 29: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/29.jpg)
Security in DPWS
2/21/11 29
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
• Restricted Memory (Ressource)
• Power Consumption
• Granularity of Security Concepts
• Interoperability and Integration
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Challenges
![Page 30: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/30.jpg)
Security in DPWS
2/21/11 30
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
• Restricted Memory (Ressource)
• Power Consumption
• Granularity of Security Concepts
• Interoperability and Integration
• Formal modelling
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
device interaction
power consumption security aspects
Challenges
![Page 31: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/31.jpg)
Security in DPWS
2/21/11 31
Challenges:
• Central Authority may not be available
• X.509.v3 message overhead
• Restricted Memory (Ressource)
• Power Consumption
• Granularity of Security Concepts
• Interoperability and Integration
• Formal modelling
• Improve / adapt existing solutions --> tools
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
+
Challenges
![Page 32: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/32.jpg)
2/21/11 32© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Approach
Formally model devices,constraints, and requirements
Propose protocols, contracts, algorithms and formally verify them. ...import competencies from RS 3
Validate model in case studies
Validate solutions in case studies
![Page 33: Ws4 dsec talk @ Kickoff RS3](https://reader034.vdocuments.us/reader034/viewer/2022051515/55380fc15503464e418b46bc/html5/thumbnails/33.jpg)
2/21/11 33
DPWS Security Framework
Methods andFormal Verification
for Servicessec
Reliably Secure Web Services for Devices
© 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK
Stefan Pfeiffer Andreas Lehmann
http://ws4dsec.org