TulaFale: A Security Tool for Web Services
TulaFale is a new specification language for writing machine-checkable descriptions of SOAP-based security protocols and their properties. TulaFale is based on the pi calculus (for writing collections of SOAP processors running in parallel), plus XML syntax (to express SOAP messaging), logical predicates (to construct and filter SOAP messages), and correspondence assertions (to specify authentication goals of protocols). Our implementation compiles TulaFale into the applied pi calculus, and then runs Blanchet's resolution-based protocol verifier. Hence, we can automatically verify authentication and secrecy properties of SOAP protocols.
This release includes scripts, documentation and example policies from our recent papers "Secure Sessions for Web Services" and "Verifying Policy-based Security for Web Services."
|Date Published||15 May 2006|
|Download Size||2.24 MB|