SlideShare a Scribd company logo

Ws4 dsec talk @ Kickoff RS3

Universität Rostock, profile picture
Universität Rostock

This document describes a joint research project between the University of Rostock's Computer Science and Electrical Engineering departments. The project aims to develop tools and formal methods for analyzing systems and synthesizing web services for resource-constrained devices. This will be done by applying the Devices Profile for Web Services (DPWS) standard, which allows using web service technology on embedded systems and sensor networks in a way that is compatible with existing enterprise web services. The goal is to enable web service capabilities on more intelligent devices that increasingly communicate with each other.

Technology
1 of 33
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
www. .org WS4Dsec Reliably Secure Web Services for Devices Andreas Lehmann, Stefan Pfeiffer, Frank Golatowski, Dirk Timmermann, Karsten Wolf 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 1
Joint Interdisciplinary Research Project Electrical www. .org Engineering Prof. Dirk Timmermann Computer Science Prof. Karsten Wolf 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 2
Service Oriented Architecture (SOA) Interaction between business entities register search communicate 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 3
Web Service Technology Interaction between technical entities UDDI query language: WSDL defined by UDDI register search XML Consumer communicate Web Service WS-BPEL WS-BPEL SOAP driven by >50 industry standards 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 4
Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann ? Service Service verification Service WS-BPEL diagnosis – Formal Service Model validation 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 5
Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services others. Andreas ? .. asynchronous Lehmann Service Service hardware circuits verification business processes Service diagnosis WS-BPEL – Service AI Formal Model planning validation biochemical reactions 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 6
Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann Service ? partner synthesis Service ? Service adapter synthesis Service corrections Specification Test test case Test Test Implementation generation 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 7
Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann Service ? partner synthesis Service ? Service adapter synthesis Service corrections Formal Model – Specification WS-BPEL Test test case Test Test Implementation generation 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 8
Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 9
More intelligent devices coffee machine mobile phones clock picture frame electricity meter refrigerator 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 10
More communication between devices 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 11
Web Service Technology to Devices ? Static Configuration Dynamic Configuration Central Directory No Central Directory Resource Hungry Resource Constrained 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 12
DPWS – Devices Profile for Web Services • Standardized by the WS-DD technical committee • Apply the Web Services technology to 
 the domain of embedded systems • Is already integrated by Microsoft and Windows Vista. 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 13
Devices Profile for Web Services Directory WS- Discovery WSDL defined by WS-Discovery search announce XML Device / Consumer communicate Web Service SOAP 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 14
DPWS Protocol Stack Implementation Axis2 gSOAP uDPWS --> --> Enterprise Systems Embedded Systems Sensor Networks Enable Web Service Technology on Devices Compatibility to Enterprise Web Services 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 15
Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer Embedded Systems Wireless Sensor Networks Enterprise Systems 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 16
Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer • Involved in the WS-DD Embedded technical committee together with Systems e.g. Wireless Sensor Networks • Participation on Standardization of DPWS Enterprise Systems 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 17
Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer • Involved in the WS-DD Embedded technical committee together with Systems e.g. Wireless Sensor Networks • Participation on Standardization of DPWS Enterprise • WS4D.org initiative Systems 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 18
Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer • Involved in the WS-DD Embedded technical committee together with Systems e.g. Wireless Sensor Networks • Participation on Standardization of DPWS Enterprise • WS4D.org initiative Systems • WS-BPEL extension BPEL4D 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 19
Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices • Involved in the WS-DD Stefan Pfeiffer Embedded technical committee together with e.g. Systems Wireless Sensor Networks Industrial Home • Participation on Standardization of Automotive DPWS • WS4D.org initiative Enterprise Systems • WS-BPEL extension BPEL4D Tele- communication Medical • Cross Domain Solutions 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 20
The Internet of Things 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 21
The Internet of Things Security ? 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 22
Security in DPWS RSA  X.509v3 SHA Encryption + Transport Level Security RC4 AES Encryption U Security 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 23
Challenges Challenges: Security in DPWS • Central Authority may not be available 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 24
Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead S. Unger, Sichere Service Schnittstellen für vernetzte Automotive Applikationen 2/21/11 Universität Rostock © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 25
Challenges Challenges: Security in DPWS Moteiv TelosB Wireless Sensor Node • Central Authority may not be available CPU: 8 MHz TI MSP430 µC • X.509.v3 message overhead RAM: 10 kByte Flash: 48 kByte • Restricted Memory (Ressource) Christian Lerche uDPWS – Introduction http://code.google.com/p/udpws/wiki/ 2/21/11 Introduction © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 26
Challenges Challenges: Security in DPWS Energy Consumption for Message Signing • Central Authority may not be available 3000,0 • X.509.v3 message overhead Energy Consumption in mJ 2250,0 • Restricted Memory (Ressource) • Power Consumption 1500,0 750,0 0,0 RSA_1024 RSA_2048 ECC_160 ECC_224 A. S. Wander, N. Gura, H. Eberle, V. Gupta, Sh. Ch. Shantz, “Energy analysis of public-key cryptography for wireless sensor 2/21/11 networks”, 2005 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 27
Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead • Restricted Memory (Ressource) Transport Level • Power Consumption Security --> • Granularity of Security Concepts Message Message Level Security 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 28
Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead • Restricted Memory (Ressource) • Power Consumption • Granularity of Security Concepts • Interoperability and Integration 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 29
Challenges Challenges: Security in DPWS device • Central Authority may not be available interaction • X.509.v3 message overhead • Restricted Memory (Ressource) • Power Consumption • Granularity of Security Concepts • Interoperability and Integration • Formal modelling power consumption security aspects 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 30
Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead • Restricted Memory (Ressource) • Power Consumption + • Granularity of Security Concepts • Interoperability and Integration • Formal modelling • Improve / adapt existing solutions --> tools 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 31
Approach Formally model devices, constraints, and requirements Validate model in case studies Propose protocols, contracts, algorithms and formally verify them. ...import competencies from RS 3 Validate solutions in case studies 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 32
Reliably Secure Web Services for Devices Stefan Pfeiffer Andreas Lehmann DPWS Methods and Security sec Formal Verification Framework for Services http://ws4dsec.org 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 33

More Related Content

PDF
Networking ieee-project-topics-ocularsystems.in
Ocular Systems
 
PPT
Web Services Discovery for Devices
Jorgen Thelin
 
PDF
Optimised Calculation of Symmetries for State Space Reduction
Universität Rostock
 
PDF
Analyzing Interacting BPEL Processes
Universität Rostock
 
PDF
Analyzing BPEL4Chor: Verification and Participant Synthesis
Universität Rostock
 
PDF
Correctness Ensuring Process Configuration: An Approach Based on Partner Synt...
Universität Rostock
 
PDF
Analyzing Interacting BPEL Processes - An Overview of the Chair’s Work
Universität Rostock
 
PPTX
Extending the Compatibility Notion for Abstract WS-BPEL Processes
Universität Rostock
 
Networking ieee-project-topics-ocularsystems.in
Ocular Systems
 
Web Services Discovery for Devices
Jorgen Thelin
 
Optimised Calculation of Symmetries for State Space Reduction
Universität Rostock
 
Analyzing Interacting BPEL Processes
Universität Rostock
 
Analyzing BPEL4Chor: Verification and Participant Synthesis
Universität Rostock
 
Correctness Ensuring Process Configuration: An Approach Based on Partner Synt...
Universität Rostock
 
Analyzing Interacting BPEL Processes - An Overview of the Chair’s Work
Universität Rostock
 
Extending the Compatibility Notion for Abstract WS-BPEL Processes
Universität Rostock
 

Viewers also liked (12)

PPTX
Why does my service have no partners?
Universität Rostock
 
PPT
Set Algebra for Service Behavior
Universität Rostock
 
PDF
service-technology.org — A tool family for correct
business processes and ser...
Universität Rostock
 
PPT
Controllability: A Soundness Criterion for Services
Universität Rostock
 
PDF
Saarbruecken
Universität Rostock
 
PDF
Tools4BPEL Tutorial
Universität Rostock
 
PDF
Decidability Issues for Decentralized Controllability of Open Nets
Universität Rostock
 
PDF
Where did I go wrong? Explaining errors in process models
Universität Rostock
 
PDF
Decentralized Controllability
Universität Rostock
 
PDF
Diagnosis of Open Workflow Nets
Universität Rostock
 
PPT
A Theory of Service Behavior
Universität Rostock
 
PDF
LoLA - a low-level Petri net analyzer
Universität Rostock
 
Why does my service have no partners?
Universität Rostock
 
Set Algebra for Service Behavior
Universität Rostock
 
service-technology.org — A tool family for correct
business processes and ser...
Universität Rostock
 
Controllability: A Soundness Criterion for Services
Universität Rostock
 
Saarbruecken
Universität Rostock
 
Tools4BPEL Tutorial
Universität Rostock
 
Decidability Issues for Decentralized Controllability of Open Nets
Universität Rostock
 
Where did I go wrong? Explaining errors in process models
Universität Rostock
 
Decentralized Controllability
Universität Rostock
 
Diagnosis of Open Workflow Nets
Universität Rostock
 
A Theory of Service Behavior
Universität Rostock
 
LoLA - a low-level Petri net analyzer
Universität Rostock
 
Ad

Similar to Ws4 dsec talk @ Kickoff RS3 (20)

PDF
Industry Segula
Gina Carpio HR Business Partner
 
PDF
Industry Segula
Gina Carpio HR Business Partner
 
PDF
Steps towards an industrial implementation of HSSP standards
Libero Maesano
 
PDF
Cassandra framework a service oriented distributed multimedia
João Gabriel Lima
 
PDF
Simplify Your Gape work Operations in four Steps.pdf
Narciso Lebsack
 
PDF
Modeling Service Relationships for Service Networks
Jorge Cardoso
 
PPTX
2011-11-07 Open PHACTS Poster
open_phacts
 
PDF
IEEE DEST 2013 tGov presentation (Transformational Government: Sustainable In...
Hans A. Kielland Aanesen
 
PPTX
Retrofitting a Factory Automation System to Address Market Needs and Societal...
FAST-Lab. Factory Automation Systems and Technologies Laboratory, Tampere University of Technology
 
PDF
Elstr Service Department Web Portal - Demo Application
Intelliact AG
 
PDF
20080422 Overview of ICT research in Software & Services
Arian Zwegers
 
PDF
Open Semantic Service Networks: Modeling and Analysis
Jorge Cardoso
 
PPTX
Services and Linked Data: John Domingue (KMi, UK)
FIA2010
 
PPT
The OMG UML Testing Profile in Use--An Industrial Case Study for the Future I...
Alessandra Bagnato
 
PDF
Wi iat-bootstrapping the analysis of large-scale web service networks-v3
Shahab Mokarizadeh
 
PDF
saad15_Final Thesis Draft
Sasank Sai Sujan Adapa
 
PDF
Kalman Graffi - 10 Slide - 2010
Kalman Graffi
 
PDF
20091021 At Crossroads: Internet of Services Research beyond Call 5
Arian Zwegers
 
PDF
Kalman Graffi - Monitoring and Management of P2P Systems - 2010
Kalman Graffi
 
PDF
Effects of Wireless Packet Loss in Industrial Process Control Systems
ISA Interchange
 
Industry Segula
Gina Carpio HR Business Partner
 
Industry Segula
Gina Carpio HR Business Partner
 
Steps towards an industrial implementation of HSSP standards
Libero Maesano
 
Cassandra framework a service oriented distributed multimedia
João Gabriel Lima
 
Simplify Your Gape work Operations in four Steps.pdf
Narciso Lebsack
 
Modeling Service Relationships for Service Networks
Jorge Cardoso
 
2011-11-07 Open PHACTS Poster
open_phacts
 
IEEE DEST 2013 tGov presentation (Transformational Government: Sustainable In...
Hans A. Kielland Aanesen
 
Retrofitting a Factory Automation System to Address Market Needs and Societal...
FAST-Lab. Factory Automation Systems and Technologies Laboratory, Tampere University of Technology
 
Elstr Service Department Web Portal - Demo Application
Intelliact AG
 
20080422 Overview of ICT research in Software & Services
Arian Zwegers
 
Open Semantic Service Networks: Modeling and Analysis
Jorge Cardoso
 
Services and Linked Data: John Domingue (KMi, UK)
FIA2010
 
The OMG UML Testing Profile in Use--An Industrial Case Study for the Future I...
Alessandra Bagnato
 
Wi iat-bootstrapping the analysis of large-scale web service networks-v3
Shahab Mokarizadeh
 
saad15_Final Thesis Draft
Sasank Sai Sujan Adapa
 
Kalman Graffi - 10 Slide - 2010
Kalman Graffi
 
20091021 At Crossroads: Internet of Services Research beyond Call 5
Arian Zwegers
 
Kalman Graffi - Monitoring and Management of P2P Systems - 2010
Kalman Graffi
 
Effects of Wireless Packet Loss in Industrial Process Control Systems
ISA Interchange
 
Ad

More from Universität Rostock (20)

PDF
Pragmatic model checking: from theory to implementations
Universität Rostock
 
PDF
Decidability Results for Choreography Realization
Universität Rostock
 
PDF
Artifact-centric modeling using BPMN
Universität Rostock
 
PDF
Compliance by Design for Artifact-Centric Business Processes
Universität Rostock
 
KEY
Verification with LoLA
Universität Rostock
 
KEY
Verification with LoLA: 7 Implementation
Universität Rostock
 
KEY
Verification with LoLA: 6 Integrating LoLA
Universität Rostock
 
KEY
Verification with LoLA: 5 Case Studies
Universität Rostock
 
KEY
Verification with LoLA: 4 Using LoLA
Universität Rostock
 
KEY
Verification with LoLA: 3 State Space Reduction
Universität Rostock
 
KEY
Verification with LoLA: 1 Basics
Universität Rostock
 
KEY
Verification with LoLA: 2 The LoLA Input Language
Universität Rostock
 
PDF
Internal Behavior Reduction for Services
Universität Rostock
 
PDF
Karsten Wolf @ Carl Adam Petri Memorial Symposium
Universität Rostock
 
PDF
Implementation of an Interleaving Semantics for TLDA
Universität Rostock
 
PDF
Formale Fundierung und effizientere Implementierung der schrittbasierten TLDA...
Universität Rostock
 
PDF
Demonstration of BPEL2oWFN and Fiona
Universität Rostock
 
PDF
Analyzing Web Service Behavior
Universität Rostock
 
PDF
Modellierung eines verteilten Algorithmus
Universität Rostock
 
PDF
Analyzing Interacting BPEL Processes - A Tool Demo
Universität Rostock
 
Pragmatic model checking: from theory to implementations
Universität Rostock
 
Decidability Results for Choreography Realization
Universität Rostock
 
Artifact-centric modeling using BPMN
Universität Rostock
 
Compliance by Design for Artifact-Centric Business Processes
Universität Rostock
 
Verification with LoLA
Universität Rostock
 
Verification with LoLA: 7 Implementation
Universität Rostock
 
Verification with LoLA: 6 Integrating LoLA
Universität Rostock
 
Verification with LoLA: 5 Case Studies
Universität Rostock
 
Verification with LoLA: 4 Using LoLA
Universität Rostock
 
Verification with LoLA: 3 State Space Reduction
Universität Rostock
 
Verification with LoLA: 1 Basics
Universität Rostock
 
Verification with LoLA: 2 The LoLA Input Language
Universität Rostock
 
Internal Behavior Reduction for Services
Universität Rostock
 
Karsten Wolf @ Carl Adam Petri Memorial Symposium
Universität Rostock
 
Implementation of an Interleaving Semantics for TLDA
Universität Rostock
 
Formale Fundierung und effizientere Implementierung der schrittbasierten TLDA...
Universität Rostock
 
Demonstration of BPEL2oWFN and Fiona
Universität Rostock
 
Analyzing Web Service Behavior
Universität Rostock
 
Modellierung eines verteilten Algorithmus
Universität Rostock
 
Analyzing Interacting BPEL Processes - A Tool Demo
Universität Rostock
 

Recently uploaded (20)

PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
KodekX | Application Modernization Development
KodekX
 
Encapsulation theory and applications.pdf
gurumoop
 

Ws4 dsec talk @ Kickoff RS3

  • 1. www. .org WS4Dsec Reliably Secure Web Services for Devices Andreas Lehmann, Stefan Pfeiffer, Frank Golatowski, Dirk Timmermann, Karsten Wolf 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 1
  • 2. Joint Interdisciplinary Research Project Electrical www. .org Engineering Prof. Dirk Timmermann Computer Science Prof. Karsten Wolf 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 2
  • 3. Service Oriented Architecture (SOA) Interaction between business entities register search communicate 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 3
  • 4. Web Service Technology Interaction between technical entities UDDI query language: WSDL defined by UDDI register search XML Consumer communicate Web Service WS-BPEL WS-BPEL SOAP driven by >50 industry standards 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 4
  • 5. Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann ? Service Service verification Service WS-BPEL diagnosis – Formal Service Model validation 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 5
  • 6. Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services others. Andreas ? .. asynchronous Lehmann Service Service hardware circuits verification business processes Service diagnosis WS-BPEL – Service AI Formal Model planning validation biochemical reactions 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 6
  • 7. Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann Service ? partner synthesis Service ? Service adapter synthesis Service corrections Specification Test test case Test Test Implementation generation 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 7
  • 8. Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann Service ? partner synthesis Service ? Service adapter synthesis Service corrections Formal Model – Specification WS-BPEL Test test case Test Test Implementation generation 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 8
  • 9. Group Wolf – Computer Science We provide tools & formal methods for analysis of systems and synthesis of services Andreas Lehmann 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 9
  • 10. More intelligent devices coffee machine mobile phones clock picture frame electricity meter refrigerator 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 10
  • 11. More communication between devices 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 11
  • 12. Web Service Technology to Devices ? Static Configuration Dynamic Configuration Central Directory No Central Directory Resource Hungry Resource Constrained 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 12
  • 13. DPWS – Devices Profile for Web Services • Standardized by the WS-DD technical committee • Apply the Web Services technology to 
 the domain of embedded systems • Is already integrated by Microsoft and Windows Vista. 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 13
  • 14. Devices Profile for Web Services Directory WS- Discovery WSDL defined by WS-Discovery search announce XML Device / Consumer communicate Web Service SOAP 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 14
  • 15. DPWS Protocol Stack Implementation Axis2 gSOAP uDPWS --> --> Enterprise Systems Embedded Systems Sensor Networks Enable Web Service Technology on Devices Compatibility to Enterprise Web Services 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 15
  • 16. Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer Embedded Systems Wireless Sensor Networks Enterprise Systems 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 16
  • 17. Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer • Involved in the WS-DD Embedded technical committee together with Systems e.g. Wireless Sensor Networks • Participation on Standardization of DPWS Enterprise Systems 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 17
  • 18. Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer • Involved in the WS-DD Embedded technical committee together with Systems e.g. Wireless Sensor Networks • Participation on Standardization of DPWS Enterprise • WS4D.org initiative Systems 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 18
  • 19. Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices Stefan Pfeiffer • Involved in the WS-DD Embedded technical committee together with Systems e.g. Wireless Sensor Networks • Participation on Standardization of DPWS Enterprise • WS4D.org initiative Systems • WS-BPEL extension BPEL4D 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 19
  • 20. Group Timmermann – Electrical Engineering We bring Service-Oriented Architecture and Web Services technology to devices • Involved in the WS-DD Stefan Pfeiffer Embedded technical committee together with e.g. Systems Wireless Sensor Networks Industrial Home • Participation on Standardization of Automotive DPWS • WS4D.org initiative Enterprise Systems • WS-BPEL extension BPEL4D Tele- communication Medical • Cross Domain Solutions 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 20
  • 21. The Internet of Things 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 21
  • 22. The Internet of Things Security ? 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 22
  • 23. Security in DPWS RSA  X.509v3 SHA Encryption + Transport Level Security RC4 AES Encryption U Security 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 23
  • 24. Challenges Challenges: Security in DPWS • Central Authority may not be available 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 24
  • 25. Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead S. Unger, Sichere Service Schnittstellen für vernetzte Automotive Applikationen 2/21/11 Universität Rostock © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 25
  • 26. Challenges Challenges: Security in DPWS Moteiv TelosB Wireless Sensor Node • Central Authority may not be available CPU: 8 MHz TI MSP430 µC • X.509.v3 message overhead RAM: 10 kByte Flash: 48 kByte • Restricted Memory (Ressource) Christian Lerche uDPWS – Introduction http://code.google.com/p/udpws/wiki/ 2/21/11 Introduction © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 26
  • 27. Challenges Challenges: Security in DPWS Energy Consumption for Message Signing • Central Authority may not be available 3000,0 • X.509.v3 message overhead Energy Consumption in mJ 2250,0 • Restricted Memory (Ressource) • Power Consumption 1500,0 750,0 0,0 RSA_1024 RSA_2048 ECC_160 ECC_224 A. S. Wander, N. Gura, H. Eberle, V. Gupta, Sh. Ch. Shantz, “Energy analysis of public-key cryptography for wireless sensor 2/21/11 networks”, 2005 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 27
  • 28. Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead • Restricted Memory (Ressource) Transport Level • Power Consumption Security --> • Granularity of Security Concepts Message Message Level Security 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 28
  • 29. Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead • Restricted Memory (Ressource) • Power Consumption • Granularity of Security Concepts • Interoperability and Integration 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 29
  • 30. Challenges Challenges: Security in DPWS device • Central Authority may not be available interaction • X.509.v3 message overhead • Restricted Memory (Ressource) • Power Consumption • Granularity of Security Concepts • Interoperability and Integration • Formal modelling power consumption security aspects 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 30
  • 31. Challenges Challenges: Security in DPWS • Central Authority may not be available • X.509.v3 message overhead • Restricted Memory (Ressource) • Power Consumption + • Granularity of Security Concepts • Interoperability and Integration • Formal modelling • Improve / adapt existing solutions --> tools 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 31
  • 32. Approach Formally model devices, constraints, and requirements Validate model in case studies Propose protocols, contracts, algorithms and formally verify them. ...import competencies from RS 3 Validate solutions in case studies 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 32
  • 33. Reliably Secure Web Services for Devices Stefan Pfeiffer Andreas Lehmann DPWS Methods and Security sec Formal Verification Framework for Services http://ws4dsec.org 2/21/11 © 2011 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK UND ELEKTROTECHNIK 33