XML Signature Exclusion

From WS-Attacks
Revision as of 12:26, 31 October 2015 by Jln7bp (talk | contribs) (1 revision imported: Import from WS-Attacks)
Jump to: navigation, search

Attack description

Attack subtypes

There are no attack subtypes for this attack.


Prerequisites for attack

In order to execute the attack, there are the following prerequisites:

  1. Attacker knows endpoint of web service. otherwise he is not able to reach the web service.
  2. Attacker can reach endpoint from its location.
  3. Attacker is in possession of a validly signed XML message or he is in possession of a valid public certificate and can construct a valid message with a missing XML Signature.


Graphical representation of attack

AttackedComponent Signature.png

  • Red = attacked web service component
  • Black = location of attacker
  • Blue = web service component not directly involved in attack.


Attack example

Practical attacks were shown by Somorovsky et al.[1], who showed how to attack cloud interfaces of Amazon and Eucalyptus cloud providers. This enabled them to execute arbitrary methods on cloud interfaces.


Attack mitigation / countermeasures

Attack categorisation

Categorisation by violated security objective


Categorisation by number of involved parties


Categorisation by attacked component in web service architecture


Categorisation by attack spreading



References

  1. Juraj So­mo­rovs­ky, Mario Hei­de­rich, Meiko Jen­sen, Jörg Schwenk, Nils Grusch­ka, Luigi Lo Ia­co­no. All Your Clouds are Be­long to us – Se­cu­ri­ty Ana­ly­sis of Cloud Ma­nage­ment In­ter­faces. In Pro­cee­dings of the ACM Cloud Com­pu­ting Se­cu­ri­ty Work­shop (CCSW), 2011. https://www.nds.rub.de/research/publications/amazon-hacking/
  2. Juraj Somorovsky. On the In­se­cu­ri­ty of XML Se­cu­ri­ty. PhD thesis supervised by Jörg Schwenk and Kenny Paterson, Ruhr University Bochum. https://www.nds.rub.de/research/publications/xmlinsecurity/