Affiliation:
1. Universiti Sains Islam Malaysia
Abstract
This paper introduces a new approach in countermeasuring XML signature wrapping attack called the Spatial Signature Algorithm (SSA). The motivation for proposing the SSA approach is due to the limitation of the SOAP (Simple Object Access Protocol) in handling the XML signature wrapping attacks. A different strategy is to be planned in order to deter such attack without extensive computational expense. Spatial Signature Algorithm builds upon the notion of ratio signature that is recommended by a research in biotechnology. The research suggests the possibility of diagnosing a specific disease based on the idea of ratios, specifically on the comparative relationship between elements to detect the emergence of certain threats. Bridging this notion to security, the principle of using space and ratio to detect abnormality is extended to the application of spatial information and digital signature to detect and combat the XML wrapping signature attack.
Publisher
Trans Tech Publications, Ltd.
Reference14 articles.
1. J. M. Tekli, E. Damiani, R. Chbeir, G. Gianini, SOAP processing performance and enhancement, IEEE Transactions on Services Computing. 5(3)(2012)387-403.
2. H. Sumino, N. Ishikawa, S. Murakami, H. Tsuji, T. Kato, Applying XML Signature and XML Encryption to Peer-to-Peer Platform Security, 4th IEEE Consumer Communications and Networking Conference. (2007) 638-642.
3. M. McIntosh, P. Austel, XML signature element wrapping attacks and countermeasures, Proceedings of the 2005 workshop on Secure web services. (2005) 20-27.
4. N. Gruschka, L. L. Lacono, Vulnerable cloud: SOAP message security validation revisited, IEEE International Conference on Web Services, Los Angeles, CA, USA. (2009).
5. H. R. Kouchaksaraei, A. G. Chefranov, Countering Wrapping Attack on XML Signature in SOAP Message for Cloud Computing. arXiv preprint arXiv:1310.0441 (2013).