TulaFale: A Security Tool for Web Services

Web services security specifications are typically expressed as a mixture of XML schemas, example messages, and narrative explanations. We propose a new specification language for writing complementary machine-checkable descriptions of SOAP-based security protocols and their properties. Our TulaFale language is based on the pi calculus (for writing collections of SOAP processors running in parallel), plus XML syntax (to express SOAP messaging), logical predicates (to construct and filter SOAP messages), and correspondence assertions (to specify authentication goals of protocols). Our implementation compiles TulaFale into the applied pi calculus, and then runs Blanchet’s resolution-based protocol verifier. Hence, we can automatically verify authentication properties of SOAP protocols. 1 Verifying Web Services Security Web services are a wide-area distributed systems technology, based on asynchronous exchanges of XML messages conforming to the SOAP message format [BEK00,W3C03]. The WS-Security standard [NKHBM04] describes how to sign and encrypt portions of SOAP messages, so as to achieve end-to-end security. This paper introduces TulaFale, a new language for defining and automatically verifying models of SOAP-based cryptographic protocols, and illustrates its usage for a typical request/response protocol: we sketch the protocol, describe potential attacks, and then give a detailed description of how to define and check the request and response messages in TulaFale.