Extensão de Segurança para o Perfil DPWS
Abstract
Recently Web Services has been the target of standards and specifications to determine its application directly in embedded devices. The DPWS specification is an example of efforts in this direction. This paper presents a proposed extension of a Security Service to the model's functional DPWS. This extension treats the security aspects independently, following the definitions of WS-Security and WS-SecureConversation. This extended model is applied to a prototype system for managing the distribution of electricity in order to evince the efficiency of the propositions and choices.References
Almqvist, L e Wikstrom, R. (1994) “Standardizing energy management by using simple network managementprotocol”, In: Telecommunications Energy Conference, 1994. INTELEC '94., 16th International.
Bartel, M., Boyer, J., e Fox, B. (2002). XML-Signature Syntax and Processing. W3C.
Castro, A L S et al. (2001) “Power Quality Monitoring Instrument for Energy Distribution Feeder”, 11th IMEKO TC-4 Symposium Trends in Electrical Measurement and Instrumentation and 6th EuroWorkshop on ADC modelling and testing, Lisbon - PORTUGAL, September 13-14.
Dierks, T. et al. (1999) “The TLS Protocol”, Version 1.0, http://www.ietf.org/rfc/rfc2246.txt, IETF RFC 2246, January 1999.
DPWS (2009). Devices Profile for Web Services. OASIS.
Hernández, V., López, L., Prieto, O., Martínez, J. F., García, A. B. e Da-Silva., A. (2009) “Security Framework for DPWS Compliant Devices”. In: Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference.
Imamura, T., Dillaway, B., e Simon, E. (2002). XML Encryp. Syntax and Proc. W3C.
Jammes, F., Mensch, A. e Smit, H. (2005) “Service-Oriented Device Communications Using the Devices Profile for Web Services”. In: Proceedings of the 3rd international workshop on Middleware for pervasive and ad-hoc computing, páginas: 1-8, Grenoble, France.
Karnouskos, S. e Tariq, M. M. J. (2009) “Using Multi-Agent Systems to Simulate Dynamic Infrastructures Populated with Large Numbers of Web Service Enabled Devices”. In: The 9th International Symposium on Autonomous Decentralized Systems – ISADS, Athens, Greece.
Martínez, J. F., López, M., Hernández, V., Jean-Marie, K., García, A. B., López, L., Herrera, C. e Sánchez-Alarcos, C. J. (2008) “A security architectural approach for DPWS-based devices”. In: CollECTeR Ibéroamérica 2008 conference. Madrid, Spain.
OASIS (2004). WS Security: SOAP Message Security 1.0. OASIS.
OASIS (2007). WS-SecureConversation. OASIS.
OASIS (2009). Web Services Dynamic Discovery (WS-Discovery). OASIS.
Pras, A., Drevers, T., van de Meent, R. e Quartel. D. (2004) “Comparing the Performance of SNMP and Web Services-Based Management”, In: ETRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, FALL 2004. IEEE 2004.
RFC 2631 (1999). “Diffie-Hellman Key Agreement Method”. E. Rescorla Junho 1999.
W3C (2006a). Web Services Transfer (WS-Transfer). W3C. Disponível em: http://www.w3.org/Submission/WS-Transfer/
W3C (2006b). Web Services Addressing 1.0 - Core. W3C. Disponível em: http://www.w3.org/TR/ws-addr-core/
W3C (2007). Web Services Policy 1.5 – Framework. W3C. Disponível em: http://www.w3.org/TR/ws-policy/
Bartel, M., Boyer, J., e Fox, B. (2002). XML-Signature Syntax and Processing. W3C.
Castro, A L S et al. (2001) “Power Quality Monitoring Instrument for Energy Distribution Feeder”, 11th IMEKO TC-4 Symposium Trends in Electrical Measurement and Instrumentation and 6th EuroWorkshop on ADC modelling and testing, Lisbon - PORTUGAL, September 13-14.
Dierks, T. et al. (1999) “The TLS Protocol”, Version 1.0, http://www.ietf.org/rfc/rfc2246.txt, IETF RFC 2246, January 1999.
DPWS (2009). Devices Profile for Web Services. OASIS.
Hernández, V., López, L., Prieto, O., Martínez, J. F., García, A. B. e Da-Silva., A. (2009) “Security Framework for DPWS Compliant Devices”. In: Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference.
Imamura, T., Dillaway, B., e Simon, E. (2002). XML Encryp. Syntax and Proc. W3C.
Jammes, F., Mensch, A. e Smit, H. (2005) “Service-Oriented Device Communications Using the Devices Profile for Web Services”. In: Proceedings of the 3rd international workshop on Middleware for pervasive and ad-hoc computing, páginas: 1-8, Grenoble, France.
Karnouskos, S. e Tariq, M. M. J. (2009) “Using Multi-Agent Systems to Simulate Dynamic Infrastructures Populated with Large Numbers of Web Service Enabled Devices”. In: The 9th International Symposium on Autonomous Decentralized Systems – ISADS, Athens, Greece.
Martínez, J. F., López, M., Hernández, V., Jean-Marie, K., García, A. B., López, L., Herrera, C. e Sánchez-Alarcos, C. J. (2008) “A security architectural approach for DPWS-based devices”. In: CollECTeR Ibéroamérica 2008 conference. Madrid, Spain.
OASIS (2004). WS Security: SOAP Message Security 1.0. OASIS.
OASIS (2007). WS-SecureConversation. OASIS.
OASIS (2009). Web Services Dynamic Discovery (WS-Discovery). OASIS.
Pras, A., Drevers, T., van de Meent, R. e Quartel. D. (2004) “Comparing the Performance of SNMP and Web Services-Based Management”, In: ETRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, FALL 2004. IEEE 2004.
RFC 2631 (1999). “Diffie-Hellman Key Agreement Method”. E. Rescorla Junho 1999.
W3C (2006a). Web Services Transfer (WS-Transfer). W3C. Disponível em: http://www.w3.org/Submission/WS-Transfer/
W3C (2006b). Web Services Addressing 1.0 - Core. W3C. Disponível em: http://www.w3.org/TR/ws-addr-core/
W3C (2007). Web Services Policy 1.5 – Framework. W3C. Disponível em: http://www.w3.org/TR/ws-policy/
Published
2010-10-11
How to Cite
MENDONÇA, Igor Thiago Marques; FRAGA, Joni da Silva; DIAS, Roberto Alexandre.
Extensão de Segurança para o Perfil DPWS. In: BRAZILIAN SYMPOSIUM ON INFORMATION AND COMPUTATIONAL SYSTEMS SECURITY (SBSEG), 10. , 2010, Fortaleza.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2010
.
p. 133-146.
DOI: https://doi.org/10.5753/sbseg.2010.20583.
