CN101588363B - Method for establishing Web service security analysis model based on program slice - Google Patents


Publication number
CN101588363B
Authority
CN
China
Prior art keywords
security
web service
analysis
slice
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2009100693254A
Other languages
Chinese (zh)
Other versions
CN101588363A (en)
Inventor
李晓红
冯志勇
刘然
徐超
许光全
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Yongda Energy Group Co.,Ltd.
Original Assignee
Tianjin University
Application filed by Tianjin University
Priority to CN2009100693254A
Publication of CN101588363A
Application granted
Publication of CN101588363B

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to software construction technology and network security, in particular to a method for establishing a Web service security analysis model based on program slicing. The method protects both critical information and ordinary messages in Web services from the inside and the outside, improving Web service security. The technical solution adopted is: 1) establish a slicer module, used to obtain an information-flow abstraction from the Web service implementation code; 2) establish a Web service analysis module, used to discover security violations in which critical information is leaked to Internet users through the current service interface, covering the security analysis of standalone Web services and the security analysis of Web service networks; 3) establish a security report module, used to generate a corresponding security report based on the model's analysis results, combined with existing Web service security specifications and the security measures proposed in existing processes. The invention is mainly used to provide Web service security.

Figure 200910069325

Description

Method for Establishing a Web Service Security Analysis Model Based on Program Slicing

Technical Field

The invention relates to software construction technology and network security, in particular to the software architecture of a Web service security analysis model based on program slicing and to a method for establishing such a model.

Background Art

A Web service is a service based on the Extensible Markup Language (XML) and HTTPS (full name: Hypertext Transfer Protocol over Secure Socket Layer). Its communication protocol is mainly based on the Simple Object Access Protocol (SOAP); services are described with the Web Service Description Language (WSDL), and service metadata is discovered and obtained through the Universal Description, Discovery and Integration protocol (UDDI).

Web services have unique advantages in hiding system complexity and in exchanging information across heterogeneous platforms, which has led to their wide adoption; at the same time, the security vulnerabilities present in Web services leave the current state of deployment unsatisfactory. Web service security can be considered from two angles: 1) security within a standalone Web service; 2) security within a Web service network. Research topics related to standalone Web service security mainly include: Web service security specifications published jointly by standards bodies and groups, which protect information while it is transmitted over the network; the introduction of programming practices, including security training for development teams and code review; and security models and processes to be followed during software development.

Implementing security specifications and security techniques has a positive effect on the development of secure Web services, but the various specifications and processes place high demands on the development organization's security budget and on developers' security knowledge, which hinders their broad adoption across all Web service development. More importantly, although encrypting and signing SOAP messages effectively protects the confidentiality and integrity of messages in transit, when the implementation of a Web service itself contains a latent flaw, the information-disclosure vulnerability that results when an attacker exploits that flaw cannot be mitigated by a single external security measure. In fact, without an effective mechanism for analyzing security flaws in Web service implementations, this type of vulnerability may persist until an attacker breaks in and causes severe damage to the system. Studying the discovery and mitigation of a Web service's own vulnerabilities, starting from the software itself, is an effective way to improve product security.

Program slicing is an abstraction of a program; slicing theory is applied to information-flow acquisition by extracting an abstraction of the information flow. By analyzing the information flow passed while a Web service is being accessed, one can check whether critical information that needs protection is present in that flow and is thereby leaked to external users, discover critical-information-disclosure vulnerabilities, ensure that critical information is not accessed illegitimately, strengthen the protection of critical information, and improve the security of an individual Web service.

In a Web service network, the spread of security vulnerabilities has a large impact on systems and users and causes significant losses. Service networks currently arise mainly from the popularity of SOA (Service-Oriented Architecture). SOA models business processes as workflows. Within a workflow, BPEL (Business Process Execution Language) handles the interactions among multiple Web services; each Web service performs one independent function, its functional interface is described in WSDL (Web Service Description Language), and message passing between services is done over SOAP. In other words, a workflow contains several Web service nodes, and different workflows are linked through their interactions, so that all the nodes form a Web service network. When one node (that is, one Web service) has a security vulnerability, that vulnerability is spread through the interactions between nodes in the network and becomes more dangerous to the system. Discovering how far vulnerabilities have currently spread in a service network, by taking the security state of standalone Web services as the basis and tracking how critical information or sensitive data is passed among multiple Web services, so as to study information disclosure and vulnerability spread in the service network and improve network security, is a problem in urgent need of a solution.

Summary of the Invention

To overcome the shortcomings of the prior art, the purpose of the invention is to propose a method for establishing a Web service security analysis model based on program slicing, and to show how the analysis results of this model can be combined with the security measures proposed in existing Web service security specifications and processes, so that critical information and ordinary messages in Web services are protected from the inside and the outside and Web service security is improved. The technical solution adopted by the invention is a method for establishing a Web service security analysis model based on program slicing, comprising the following steps:

Establishing a slicer module, which computes slices of Java programs from suitably specified slicing configuration properties and provides a functional interface, called by the Web service analysis module of this model, for obtaining the program abstraction related to the slicing criterion, that is, the program's information flow;

Establishing a Web service analysis module, used for:

(1) Security analysis of a standalone Web service: step one parses the WSDL to obtain the concrete information in the Web service description, including the abstract definitions of operations, the concrete protocols bound to those operations, the specification of a bound network endpoint, and the network endpoints on which the operations are performed; step two calls the functional interface of the completed slicer module, uses the obtained service interfaces as the slicing configuration, slices the source code of the Web service, and obtains the information flow of the external interfaces; step three checks whether the critical information to be protected is present in the interface information flow, determines whether information is leaked, and completes the security analysis of the standalone Web service;

(2) Security analysis of the Web service network: based on the slicing results and the results of the standalone Web service security analysis, analyze how information is passed, check whether critical information is passed and leaked between two Web services, and determine whether security vulnerabilities spread in the service network;

Establishing a security report module, used for designing the structure of the security report, which includes the interfaces that have security vulnerabilities and the critical information that is leaked, and for working out the content of the mitigation plan from the two angles of internal measures and external measures. Internal measures include modifying the Web service source code, making the corresponding method private, and changing the method name, so that the dangerous interface is hidden; external measures include adding a security control module that implements signing and encryption, and adding a security management module that implements authentication and access control.

In establishing the slicer module, the slicer module comprises the following three submodules:

(1) Slicer engine: reads the configuration file, calls the program dependency analysis interface provided by an open-source program dependency analysis framework/library to build the system dependence graph, and uses an iteration-based slicing algorithm to collect the statements of the source program that belong to the current slice, which together form the slice;

(2) Slicing criterion: part of the structure of the configuration file used to perform slicing; the slicing criterion specifies the slice type (type), the scope (scope), and the specific statement that is the center of the slice (criteria);

(3) Slice result processing unit (post processor): the post processor performs the mapping from Jimple results to Java statements. Java is a programming language, and Jimple is an intermediate representation of the Java programming language.

In establishing the Web service analysis module, the standalone service security analysis takes the Web service source code and the critical information to be protected as input, and outputs a report on whether a critical-information-disclosure vulnerability exists. It comprises:

1) Parsing the WSDL (Web Service Description Language) to obtain the external interface information. The obtainable information includes the target namespace, service names, port names, operation names, and input and output parameters. The WSDL document parser works as follows: first obtain the service's root node definitions from the WSDL document; obtain the service names by calling the definiton.getServices method, which returns an array of services; obtain the service ports by calling the service.getPorts method, which returns an array of service ports; obtain the port binding by calling port.getBinding, which returns the bound port; then, in a loop over each selected operation name, use the analysisOperation method, which analyzes an operation and returns its details, to obtain the names and types of the input parameters and of the output parameters. When parsing finishes, all the information obtained is written to the file object File specified by the user, for other modules to read;

2) Based on the interface names and parameter types obtained, converting each interface into the form of a legal Java statement to serve as input to the slicer; once the other configuration the slicer needs, including the slice scope and type, has been specified, calling the slice computation function to slice the source program and obtaining the interface-related information flow from the slicing result;

3) Matching the critical information to be protected against the interface information flow; if the two overlap, a security vulnerability is judged to exist in the current Web service.
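The three steps above, run end to end, as an added example that is not code from the patent. The WSDL document, the Java line numbers, the dependence edges and the choice of a backward slice from each operation's return statement are all constructed assumptions; a real slicer would derive the edges from the system dependence graph.

```python
import xml.etree.ElementTree as ET

NS = {"w": "http://schemas.xmlsoap.org/wsdl/"}

# Constructed WSDL 1.1 description of a hypothetical AccountService.
SAMPLE_WSDL = """<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:tns="urn:example:account" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    targetNamespace="urn:example:account">
  <message name="getProfileRequest"><part name="userId" type="xsd:string"/></message>
  <message name="getProfileResponse"><part name="profile" type="xsd:string"/></message>
  <message name="pingRequest"/>
  <message name="pingResponse"><part name="status" type="xsd:string"/></message>
  <portType name="AccountPortType">
    <operation name="getProfile">
      <input message="tns:getProfileRequest"/><output message="tns:getProfileResponse"/>
    </operation>
    <operation name="ping">
      <input message="tns:pingRequest"/><output message="tns:pingResponse"/>
    </operation>
  </portType>
  <binding name="AccountBinding" type="tns:AccountPortType"/>
  <service name="AccountService">
    <port name="AccountPort" binding="tns:AccountBinding"/>
  </service>
</definitions>"""

# Constructed dependence edges for a hypothetical Java implementation:
# source line -> lines it is data- or control-dependent on.
#   10 public String getProfile(String userId) {
#   11   Account acct = dao.load(userId);
#   12   String card = acct.getCardNumber();   <- critical information
#   13   String name = acct.getName();
#   14   String profile = name + ":" + card;
#   15   audit.log(userId);
#   16   return profile; }
#   20 public String ping() {
#   21   String status = "ok";
#   22   return status; }
DEPENDS_ON = {16: {14}, 14: {12, 13}, 12: {11}, 13: {11}, 11: {10}, 15: {10},
              22: {21}, 21: {20}}
SLICE_CRITERIA = {"getProfile": 16, "ping": 22}  # return statement of each operation
CRITICAL = {12: "acct.getCardNumber()"}          # statements touching protected data


def local(qname):
    """Strip the namespace prefix from a QName such as tns:AccountBinding."""
    return qname.split(":")[-1]


def message_parts(op, direction, parts):
    node = op.find("w:" + direction, NS)  # one-way operations have no <output>
    return parts[local(node.get("message"))] if node is not None else []


def parse_wsdl(text):
    """Step 1: walk service -> port -> binding -> portType -> operation."""
    root = ET.fromstring(text)
    parts = {m.get("name"): [(p.get("name"), p.get("type"))
                             for p in m.findall("w:part", NS)]
             for m in root.findall("w:message", NS)}
    port_types = {pt.get("name"): pt for pt in root.findall("w:portType", NS)}
    bindings = {b.get("name"): local(b.get("type"))
                for b in root.findall("w:binding", NS)}
    found = []
    for service in root.findall("w:service", NS):
        for port in service.findall("w:port", NS):
            port_type = port_types[bindings[local(port.get("binding"))]]
            for op in port_type.findall("w:operation", NS):
                found.append({
                    "namespace": root.get("targetNamespace"),
                    "service": service.get("name"),
                    "port": port.get("name"),
                    "operation": op.get("name"),
                    "inputs": message_parts(op, "input", parts),
                    "outputs": message_parts(op, "output", parts),
                })
    return found


def backward_slice(criterion, depends_on):
    """Step 2: iterative worklist closure over the dependence edges."""
    in_slice, worklist = {criterion}, [criterion]
    while worklist:
        for dep in depends_on.get(worklist.pop(), ()):
            if dep not in in_slice:
                in_slice.add(dep)
                worklist.append(dep)
    return in_slice


def analyze_service(wsdl_text, depends_on, criteria, critical):
    """Step 3: an interface is vulnerable if its slice overlaps critical statements."""
    report = []
    for iface in parse_wsdl(wsdl_text):
        flow = backward_slice(criteria[iface["operation"]], depends_on)
        leaked = sorted(critical[line] for line in flow if line in critical)
        report.append({"operation": iface["operation"], "slice": sorted(flow),
                       "leaked": leaked, "vulnerable": bool(leaked)})
    return report


if __name__ == "__main__":
    for row in analyze_service(SAMPLE_WSDL, DEPENDS_ON, SLICE_CRITERIA, CRITICAL):
        print(row)
```

Line 15 (the audit call) stays out of the getProfile slice because nothing returned to the caller depends on it, which is what keeps the match in step 3 from flagging every statement in the method.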

The Web service network security analysis analyzes interface calls between services, taking a call between two Web services as the representative case. The analysis determines whether the target Web service's call address (Endpoint) and the target operation appear, and in what order they appear, in order to decide whether a Web service calls the target operation of another Web service. When analyzing dangerous interface calls between services, the inputs are the source file of the Web service under analysis and a security vulnerability information file, the latter produced by the slicer module. The security vulnerability information file provides the URI (Universal Resource Identifier) of the service that contains the vulnerability and the corresponding dangerous operation. These three are matched against one another: if the match succeeds, the analyzed Web service does call the operation that contains the vulnerability, which spreads the vulnerability; otherwise, the Web service is considered not to have spread the vulnerability. For each call relationship judged to carry a vulnerability, a new vulnerability exists in the calling Web service, which is added to the list of new dangerous interfaces.
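A sketch of this propagation check, as an added example that is not code from the patent. The service URIs, stub class names and Java client snippets are constructed, and the loop goes beyond the two-service case in the text by repeating the match until no new dangerous interface appears.

```python
import re

# Constructed service URIs for a hypothetical four-node service network.
ACCOUNTS = "http://accounts.example.com/AccountService"
PORTAL = "http://portal.example.com/PortalService"
PARTNER = "http://partner.example.com/PartnerService"
REPORTS = "http://reports.example.com/ReportService"

# Content of the vulnerability information file produced by the standalone
# analysis: (service URI, dangerous operation).
KNOWN_DANGEROUS = [(ACCOUNTS, "getProfile")]

# Constructed Java bodies of the operations each service publishes.
SERVICES = {
    PARTNER: {"lookup": '''
        PortalStub stub = new PortalStub("%s");
        return stub.showUser(id);''' % PORTAL},
    PORTAL: {
        "showUser": '''
        AccountStub stub = new AccountStub("%s");
        return render(stub.getProfile(id));''' % ACCOUNTS,
        "health": '''
        AccountStub stub = new AccountStub("%s");
        return stub.ping();''' % ACCOUNTS},
    REPORTS: {"summary": '''
        String cached = localCache.getProfile(id);
        AccountStub stub = new AccountStub("%s");
        return cached + stub.ping();''' % ACCOUNTS},
}


def calls_dangerous(source, endpoint, operation):
    """True if the endpoint appears and the operation is invoked after it.

    The order check keeps a same-named local method that is called before
    the stub is bound to the endpoint from being counted as a remote call.
    """
    pos = source.find(endpoint)
    if pos < 0:
        return False
    pattern = r"\b%s\s*\(" % re.escape(operation)
    return re.search(pattern, source[pos:]) is not None


def propagate(services, known_dangerous):
    """Return the new dangerous interfaces, in discovery order."""
    dangerous = set(known_dangerous)
    new_interfaces = []
    changed = True
    while changed:  # repeat until a full pass adds nothing
        changed = False
        for uri, operations in services.items():
            for op_name, source in operations.items():
                if (uri, op_name) in dangerous:
                    continue
                hit = next(((e, o) for e, o in sorted(dangerous)
                            if calls_dangerous(source, e, o)), None)
                if hit:
                    dangerous.add((uri, op_name))
                    new_interfaces.append({"interface": (uri, op_name), "via": hit})
                    changed = True
    return new_interfaces


if __name__ == "__main__":
    for item in propagate(SERVICES, KNOWN_DANGEROUS):
        print(item["interface"], "exposes data via", item["via"])
```

A textual endpoint-and-order match is only as precise as the source layout allows; feeding it the slicer's statement sets instead of raw text would remove false matches from comments or dead code.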

In establishing the security report module, solutions for mitigating vulnerabilities are provided from two angles:

1. Adding security mechanisms, including authorization, authentication, XML signature, or XML encryption (XML is the Extensible Markup Language), so that only clients in specific roles are allowed to access the service. The available measures include authentication, signing, selective encryption of SOAP messages, and a two-layer access control mechanism;

2. Unpublishing the interfaces that have security vulnerabilities: removing the vulnerable interfaces from the WSDL file and modifying the source files, including making the method private or changing the method name.

In establishing the slicer module, the slicer module further comprises slice computation. In the implementation, the whole slice computation consists of multiple phases: the slicer's entire execution is divided into several phases, static analyses or processes are run within a phase, and the start and end of these analyses or processes can be marked. Each major phase consists of zero or more minor phases that are executed in order; a process is a series of program behaviors that accomplishes one specific function. The first major phase is the slice computation phase, which consists of three minor phases: the object flow analysis phase, the dependency analysis phase, and the slice collection phase. The second major phase is the slice result processing phase, which has no minor phases. Execution proceeds as follows:

1) First initialize a slicer object, which includes specifying the program to be sliced, the slice scope, and the slice type;

2) Perform object flow analysis in the slicer engine: after the tag name has been specified and the system environment variables and slicing configuration have been loaded, run object flow analysis and dependency analysis to generate the program dependence graph;

3) Collect the slice. Driven by the slicer engine, the nodes in the program's AST that are part of the slice are annotated with the specified tag name, tagName; a node annotated with the specified tagName is part of the slice. The annotated nodes are of two types, held in two collections, taggedClasses and taggedMethods. The slice is identified in this way;

4) Process the slicing result to complete the mapping from Jimple statements to Java statements: identify the statements that belong to the slice by the previously specified tagName, then use the source line number information carried by each statement to identify the corresponding Java statement in the source program, thereby converting the slicing result from Jimple statements into ordinary Java statements.

Beneficial effects of the invention: the invention targets the development of secure Web service products. With the goals of reducing security vulnerabilities in Web services and improving software quality, it builds a Web service security analysis model that can be used to discover the existence and spread of information-disclosure vulnerabilities in standalone Web services and in Web service networks. The specific effects include:

1. A method is proposed for discovering information-disclosure vulnerabilities in standalone Web services. It can analyze whether critical information is leaked to external users, and is used to strengthen the protection of critical information and reduce security vulnerabilities;

2. Based on the report on the security state of standalone Web services, a method is proposed for discovering the spread of security vulnerabilities in a service network. For a vulnerability that exists in a single Web service, analyzing how that vulnerability spreads in the service network and proposing a mitigation plan reduces the large losses caused by the widening of the vulnerability's scope of impact;

3. A graphical user interface is developed that provides configuration of the Web service security analysis module and the function of running the security analysis; an API is provided that wraps the analysis function modules of this model and is published as a Web service interface that Internet users can call, reducing user resource requirements and improving efficiency of use.

In actual development, when a service provider publishes Web services with a large number of interfaces, running the security analysis tool provided by this model finds the interfaces that operate on sensitive data so that corresponding measures can be taken, improving Web service security while also saving time and money.

Description of the Drawings

Figure 1 is the overall architecture diagram of the Web service security analysis model.

Figure 2 is the operational flow chart of the Web service security analysis model.

Detailed Description

The core problems the invention sets out to solve include: obtaining an information-flow abstraction from a Web service implementation, based on program slicing; in a standalone Web service, obtaining the flow direction and leakage of critical information; in a Web service network, determining whether critical information is passed on and leaked so that the vulnerability spreads; and how to combine the analysis results of this model with the security measures proposed in existing Web service security specifications and processes, so as to protect critical information and ordinary messages in Web services from the inside and the outside and improve Web service security.

To address these core problems, the invention targets the coding stage of secure Web service development: it obtains an information-flow abstraction based on program slicing, builds a Web service security analysis model, and discovers information-disclosure vulnerabilities in Web service networks, which has great theoretical significance and practical value. The main content includes:

1) Studying the core idea of program slicing and applying it to obtain an information-flow abstraction from Web service implementation code;

2) Studying a method for discovering information-disclosure vulnerabilities in standalone Web services: the service interface information flow and the set of critical-information statements are obtained separately and then matched against each other, to discover security violations in which critical information is leaked to Internet users through the current service interface;

3) Based on the results of the vulnerability analysis of standalone Web services, studying a method for analyzing the spread of security vulnerabilities in a Web service network: by examining service interface calls, analyze how critical information is passed between different Web services, and determine whether this passing causes an information-disclosure vulnerability in a single Web service to be spread to more Internet users within the service network;

4) Based on the model's analysis results, combined with the security measures proposed in existing Web service security specifications and processes, generating a corresponding security report and providing reasonable mitigation plans from both the internal and the external angle.

The invention is described in further detail below with reference to the drawings and an embodiment.

The invention comprises a slicer module, a Web service analysis module, and a security report module. The composition of the modules and their interaction are shown in Figure 1:

1. Slicer module

This module is an independent functional module that computes slices of Java programs from suitably specified slicing configuration properties. It provides a functional interface, called by the Web service analysis module of this model, for obtaining the program abstraction related to the slicing criterion (that is, the program's information flow). It is reusable and, with suitable modification, can be used in other projects. The slicer module consists of the following three submodules.

(1) Slicer engine: reads the configuration file, calls the program dependency analysis API provided by an open-source program dependency analysis framework (library) to build the system dependence graph, and uses an iteration-based slicing algorithm to collect the statements of the source program that belong to the current slice, which together form the slice.

(2) Slicing criterion: part of the structure of the configuration file used to perform slicing; the slicing criterion specifies type (the slice type), scope (the scope), and criteria (the specific statement that is the center of the slice).

(3) Slice result processing (post processor): in the slicer engine's execution flow, the computation uses the static analysis library API directly, so the slicing result consists of Jimple statements (Jimple is an intermediate representation of Java; the Soot framework provides the conversion from Java to Jimple), which are hard to read and understand and therefore need to be converted into Java statements by suitable processing. The post processor performs the mapping from Jimple results to Java statements.

2、Web服务分析模块2. Web service analysis module

(1)独立web服务的安全分析:第一步解析WSDL协议,获取在web服务描述的具体信息,包括对操作的抽象定义,绑定到这些操作的具体协议,绑定的一个网络端点规范以及进行操作的网络端点;第二步调用构建完成的切片器模块功能接口,以获取的服务接口作为切片配置,对web服务的源码进行切片,获得外部接口的信息流;第三步查看需要保护的关键信息是否存在于接口信息流中,判断信息是否泄漏,完成对独立web服务的安全分析;(1) Security analysis of independent web services: the first step is to analyze the WSDL protocol to obtain specific information described in web services, including abstract definitions of operations, specific protocols bound to these operations, a bound network endpoint specification, and The network endpoint for operation; the second step is to call the function interface of the slicer module that has been built, and use the obtained service interface as a slice configuration to slice the source code of the web service to obtain the information flow of the external interface; the third step is to view the information that needs to be protected Whether the key information exists in the interface information flow, judge whether the information is leaked, and complete the security analysis of the independent web service;

(2) Security analysis of a web service network: different web services form a service network through interface calls, and information of all kinds is passed along during those calls. When a security vulnerability occurs in one web service, and other web services call that service to implement new functions and publish them as new interfaces, the vulnerability spreads. Based on the slice results and the results of the independent web service security analysis, the information transfer process is analyzed to check whether key information is passed and leaked between two web services, and thereby to determine whether the vulnerability spreads in the service network.

3. Security report module

Design the structure of the security report, which includes the interfaces that have security vulnerabilities and the key information that is leaked. The content of the mitigation plan is studied from two angles: internal measures and external measures. Internal measures include modifying the web service source code, making the corresponding method private and changing the method name, so as to shield dangerous interfaces; external measures include adding a security control module to implement signing and encryption, and adding a security management module to implement authentication and access control.

Two modes of use: 1) develop a graphical user interface and complete the security analysis locally; 2) encapsulate the functions of each module as an API and publish it as a web service that Internet users call remotely, which reduces user resource consumption and serves users at a higher order of magnitude.

Beneficial effects of the invention: the invention targets the development of secure web service products. With the goals of reducing security vulnerabilities in web services and improving software quality, it builds a web service security analysis model that can be used to discover the existence and spread of information-leakage vulnerabilities in independent web services and in web service networks. The specific results include:

1. A method for discovering information-leakage vulnerabilities in an independent web service. It can analyze whether key information is leaked to external users, and is used to strengthen the protection of key information and reduce security vulnerabilities;

2. Based on the report of the security situation in independent web services, a method for discovering the spread of security vulnerabilities in the service network. For a vulnerability that exists in a single web service, the spread of that vulnerability through the service network is analyzed and a mitigation plan is proposed, reducing the heavy losses caused by a widening scope of impact;

3. A graphical user interface that provides configuration of the web service security analysis module and runs the security analysis; and an API that encapsulates the analysis modules provided by this model, published as a web service interface that Internet users can call, which reduces user resource requirements and improves efficiency of use.

In actual development, when a web service published by a service provider has a very large number of interfaces, running the security analysis tool provided by this model finds the interfaces that operate on sensitive data so that corresponding measures can be taken. This improves web service security and also saves time and money.

The modules of the invention are further described below with reference to the drawings and embodiments.

1. Slice calculation

In the implementation, the whole slice calculation process consists of multiple phases. The slicer's entire execution is divided into several phases; static analyses or processes are executed within a phase, and the start and end of those analyses or processes can be marked. Each major phase consists of zero or more minor phases, which are executed in sequence.

1) First, initialize a slicer object, which includes specifying the program to be sliced, the slice scope and the slice type;

2) Perform object flow analysis in the slicer engine. After the tag name is specified and the system environment variables and slice configuration are loaded, object flow analysis and dependency analysis are executed to generate the program dependence graph;

3) Collect the slice. Driven by the slicer engine, the nodes of the program's AST that are part of the slice are annotated with the specified tagName. In other words, a node annotated with the specified tagName belongs to the slice. The annotated nodes are of two types, held in two collections (taggedClasses and taggedMethods). The slice is identified in this way.

4) Process the slice result, completing the mapping from Jimple statements to Java statements. The statements that belong to the slice are identified by the previously specified tagName; then, using the source line number information carried by each statement, the corresponding Java statement is identified in the source program. This converts a slice result in Jimple form into ordinary Java statements.

2. Independent web service security analysis

In this process, the inputs are the web service source code and the key information to be protected, and the output is a report on whether a key-information-leakage vulnerability exists.

1) Parse the WSDL protocol to obtain the external interface information. The obtainable information includes the target namespace, service name, port name, operation name, and input and output parameters. Workflow of the WSDL document parser that was developed: first obtain the service's definitions (the root node of the service) from the WSDL document; obtain the service name through the definiton.getServices method (which returns an array of services); obtain the service ports through the service.getPorts method (which returns an array of service ports); obtain the binding with port.getBinding (which returns the bound port); then, in a loop, for each selected operation name, use the analysisOperation method (which analyzes the operation and returns its specific information) to obtain the names and types of the input parameters and output parameters. When parsing ends, all the obtained information is written to the user-specified File (file object) for other modules to read.

2) Using the obtained interface names and parameter types, convert each interface into the form of a legal Java statement as input to the slicer. After the other configuration the slicer needs is completed (specifying the slice scope, type and so on), call the slice calculation function to slice the source program, and obtain the interface-related information flow from the slice result;

3) Match the key information to be protected against the interface information flow. If the two overlap, a security vulnerability is judged to exist in the current web service.
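The three steps above, as an added Python sketch that is not code from the patent: it extracts the published operations from a WSDL 1.1 document, takes each operation's return statement as the slicing criterion, computes a backward slice with a worklist, and matches the fields read in the slice against the protected information. The WSDL, the statement table with its dependence edges, and all names (OrderService, getReceipt, Customer.creditCardNo) are constructed assumptions standing in for what a Java slicer would derive from the real source.

```python
import xml.etree.ElementTree as ET
from collections import deque

NS = {"w": "http://schemas.xmlsoap.org/wsdl/",
      "soap": "http://schemas.xmlsoap.org/wsdl/soap/"}

# Constructed WSDL 1.1 description of a hypothetical OrderService.
SAMPLE_WSDL = """
<definitions name="OrderService" targetNamespace="http://example.org/orders"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:tns="http://example.org/orders"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <portType name="OrderPortType">
    <operation name="getOrderStatus">
      <input message="tns:statusRequest"/><output message="tns:statusResponse"/>
    </operation>
    <operation name="getReceipt">
      <input message="tns:receiptRequest"/><output message="tns:receiptResponse"/>
    </operation>
  </portType>
  <binding name="OrderBinding" type="tns:OrderPortType"/>
  <service name="OrderService">
    <port name="OrderPort" binding="tns:OrderBinding">
      <soap:address location="http://example.org/orders/endpoint"/>
    </port>
  </service>
</definitions>
"""

# Constructed stand-in for the slicer's view of the service source, keyed by
# Java source line: (method, statement text, fields read, lines depended on).
# A real slicer derives the dependence edges from the program itself.
STATEMENTS = {
    10: ("getOrderStatus", "public String getOrderStatus(String id) {", set(), []),
    11: ("getOrderStatus", "Order o = db.findOrder(id);", set(), [10]),
    12: ("getOrderStatus", "return o.status;", {"Order.status"}, [11]),
    20: ("getReceipt", "public String getReceipt(String id) {", set(), []),
    21: ("getReceipt", "Order o = db.findOrder(id);", set(), [20]),
    22: ("getReceipt", "String card = o.customer.creditCardNo;",
         {"Customer.creditCardNo"}, [21]),
    23: ("getReceipt", "audit.log(id);", set(), [20]),
    24: ("getReceipt", "return format(o.total, card);", {"Order.total"}, [21, 22]),
    # Reads the protected field but is not published in the WSDL.
    30: ("maskCard", "private String maskCard(Customer c) {", set(), []),
    31: ("maskCard", "return mask(c.creditCardNo);", {"Customer.creditCardNo"}, [30]),
}


def exposed_operations(wsdl_text):
    """Step 1: list every operation reachable through a published port."""
    root = ET.fromstring(wsdl_text.strip())
    local = lambda qname: qname.split(":")[-1]
    port_types = {p.get("name"): p for p in root.findall("w:portType", NS)}
    bindings = {b.get("name"): b for b in root.findall("w:binding", NS)}
    found = []
    for service in root.findall("w:service", NS):
        for port in service.findall("w:port", NS):
            binding = bindings[local(port.get("binding"))]
            port_type = port_types[local(binding.get("type"))]
            address = port.find("soap:address", NS)
            for op in port_type.findall("w:operation", NS):
                found.append({
                    "namespace": root.get("targetNamespace"),
                    "service": service.get("name"),
                    "port": port.get("name"),
                    "endpoint": address.get("location") if address is not None else None,
                    "operation": op.get("name"),
                    "input": local(op.find("w:input", NS).get("message")),
                    "output": local(op.find("w:output", NS).get("message")),
                })
    return found


def backward_slice(criteria, statements):
    """Step 2: collect every line the criterion lines transitively depend on."""
    in_slice, work = set(criteria), deque(criteria)
    while work:
        line = work.popleft()
        for dep in statements[line][3]:
            if dep not in in_slice:
                in_slice.add(dep)
                work.append(dep)
    return in_slice


def analyze(wsdl_text, statements, critical):
    """Step 3: report protected fields that flow into a published operation."""
    report = []
    for op in exposed_operations(wsdl_text):
        criteria = [n for n, (method, text, _, _) in statements.items()
                    if method == op["operation"] and text.startswith("return")]
        lines = backward_slice(criteria, statements)
        flow = set().union(*(statements[n][2] for n in lines))
        report.append({"operation": op["operation"], "endpoint": op["endpoint"],
                       "slice": sorted(lines),
                       "leaked": sorted(flow & set(critical))})
    return report


if __name__ == "__main__":
    for row in analyze(SAMPLE_WSDL, STATEMENTS, {"Customer.creditCardNo"}):
        print(row)
```

Line 23 (`audit.log`) stays out of the `getReceipt` slice because the return value does not depend on it, and `maskCard` is never examined because the WSDL does not publish it.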

3. Web service network security analysis

Analyze the interface calls between services. Taking a call between two web services as the representative case, the analysis determines whether the target web service calls a target operation in another web service by checking whether the Endpoint (the calling address of the web service) of the target web service and the target operation appear, and in what order they appear.

When analyzing dangerous interface calls between services, the inputs are the source file of the web service being analyzed and the security vulnerability information file (produced by the slicer module). The security vulnerability information file provides the URI (Universal Resource Identifier) of the service that contains the vulnerability, together with the corresponding dangerous operation. These three are matched against one another. A successful match means that the analyzed web service does call an operation that contains a security vulnerability, which causes the vulnerability to spread; otherwise, this web service is considered not to spread the vulnerability.

For a call relationship judged to carry a security vulnerability, a new security vulnerability exists in the calling web service, and it should be added to the new list of dangerous interfaces.
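The matching described in this section, as an added Python sketch that is not code from the patent. It goes one step beyond the two-service case in the text by repeating the match until the dangerous interface list stops growing, so a leak is followed along a chain of callers. The service URIs, stub class names and method bodies are constructed assumptions.

```python
import re

ORDERS = "http://example.org/orders/endpoint"
BILLING = "http://example.org/billing/endpoint"
PORTAL = "http://example.org/portal/endpoint"

# Constructed vulnerability information file content:
# (URI of the vulnerable service, dangerous operation).
VULN_INFO = [(ORDERS, "getReceipt")]

# Constructed sources of the analyzed services, one body per published method.
SERVICES = [
    {"uri": BILLING, "methods": {
        "printInvoice":
            'OrderStub s = new OrderStub("%s"); return s.getReceipt(id);' % ORDERS,
        "orderState":
            'OrderStub s = new OrderStub("%s"); return s.getOrderStatus(id);' % ORDERS,
    }},
    {"uri": PORTAL, "methods": {
        "showInvoice":
            'BillingStub b = new BillingStub("%s"); return b.printInvoice(id);' % BILLING,
        # The operation name appears only before the endpoint, on a local cache.
        "localCopy":
            'String r = cache.getReceipt(id); OrderStub s = new OrderStub("%s"); '
            'return r + s.getOrderStatus(id);' % ORDERS,
    }},
]


def calls_dangerous(body, uri, operation):
    """True when the endpoint appears and the operation is invoked after it."""
    at = body.find(uri)
    if at < 0:
        return False
    call = re.compile(r"\b%s\s*\(" % re.escape(operation))
    return call.search(body, at + len(uri)) is not None


def propagate(services, vuln_info):
    """Return the new dangerous interfaces reached from the known ones."""
    dangerous = set(vuln_info)
    changed = True
    while changed:
        changed = False
        for service in services:
            for method, body in service["methods"].items():
                entry = (service["uri"], method)
                if entry in dangerous:
                    continue
                hit = any(uri != service["uri"] and calls_dangerous(body, uri, op)
                          for uri, op in dangerous)
                if hit:
                    dangerous.add(entry)  # the caller now exposes the leak too
                    changed = True
    return sorted(dangerous - set(vuln_info))


if __name__ == "__main__":
    for uri, method in propagate(SERVICES, VULN_INFO):
        print(uri, method)
```

Because the match is textual, as in the description, a caller that builds the endpoint string at run time or reads it from configuration is missed; the result is a lower bound on the spread.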

4. Security report

For the potential security vulnerabilities that have been found, the security report provides corresponding mitigation measures, giving users supporting advice for eliminating threats and improving web service security. To suit different user needs, solutions for mitigating vulnerabilities are provided from two angles:

1. When the developer does need to publish the service for a specific group of users, security mechanisms (such as authorization, authentication, XML (Extensible Markup Language) signature and XML encryption) are added so that only clients in specific roles are allowed to access the service. The measures that can be taken include authentication, signatures, selective encryption of SOAP messages, and a two-layer access control mechanism.

2. Unpublish the interface that has the security vulnerability. This mitigation applies when a developer has unintentionally (for example, through a tool that generates WSDL files automatically) exposed an operation interface to sensitive information. In that case it should not be used by any external client, so the interface needs to be removed from the WSDL file and the source file modified (for example, by making the method private or changing the method name).

In practice, these mitigation measures can be combined with each other to produce the best effect.

The operating flow of the security analysis model is briefly described below. As Figure 2 shows, when users perform security analysis on their own web service, they need to provide the following information: the web service source code and the key information to be protected. The slicer module performs these functions: it extracts the set of key statements from the web service source code according to the key information, for later use; it computes the slice using the slicing criterion already obtained; and, on the basis of the previous two steps, it processes the slice result and determines whether a security vulnerability exists. The web service protocol analysis module performs two functions. First, it obtains and processes the external user interfaces exposed by the web service, generates the slicing criterion needed in the previous step, calls the slicer module to slice the source program, and determines whether a security vulnerability exists. Second, using the slicer module's results together with the interface call relationships between different services in the web service network, it analyzes the transfer of key information during information flow and determines whether the vulnerability spreads.

Claims (5)

1. A method for establishing a Web service security analysis model based on program slicing, characterized by comprising the following steps:

establishing a slicer module, used to: compute slices of Java programs by specifying reasonable slice configuration attributes, and provide a functional interface for the web service analysis module of this model to call, in order to obtain the program abstraction related to the slicing criterion, that is, the information flow of the program;

establishing a Web service analysis module, used for:

(1) security analysis of an independent Web service: the first step parses the WSDL protocol (WSDL is the Web Service Description Language) to obtain the specific information in the Web service description, including the abstract definitions of operations, the concrete protocols bound to those operations, a bound network endpoint specification, and the network endpoints that perform the operations; the second step calls the functional interface of the completed slicer module and, using the obtained service interfaces as the slice configuration, slices the source code of the Web service to obtain the information flow of the external interfaces; the third step checks whether the key information to be protected is present in the interface information flow, determines whether information is leaked, and completes the security analysis of the independent Web service;

(2) security analysis of a Web service network: based on the slice results and the results of the independent Web service security analysis, analyze the information transfer process, check whether key information is passed and leaked between two Web services, and determine whether the security vulnerability spreads in the service network;

establishing a security report module, used to: design the structure of the security report, which includes the interfaces that have security vulnerabilities and the key information that is leaked, and study the content of the mitigation plan from two angles, internal measures and external measures; internal measures include modifying the web service source code, making the corresponding method private and changing the method name, so as to shield dangerous interfaces; external measures include adding a security control module to implement signing and encryption, and adding a security management module to implement authentication and access control.

2. The method for establishing a Web service security analysis model based on program slicing according to claim 1, characterized in that, in said establishing of a slicer module, the slicer module comprises the following 3 submodules:

(1) slicer engine: reads in the configuration file, calls the program dependency analysis interface provided by an open-source program dependency analysis framework/library to build the system dependence graph, and uses an iteration-based slicing algorithm to collect the statements of the source program that belong to the current slice, forming the slice;

(2) slicing criterion: part of the configuration file used to perform slicing; the slicing criterion specifies the slice type (type), the scope (scope) and the specific statements that serve as the center of the slice (criteria);

(3) slice result processing unit, that is, the post processor: the post processor performs the mapping from the Jimple result to Java statements, where Java is a programming language and Jimple is an intermediate representation of the Java programming language.

3. The method for establishing a Web service security analysis model based on program slicing according to claim 1, characterized in that, in said establishing of a Web service analysis module, the independent Web service security analysis takes the Web service source code and the key information to be protected as input and outputs a report on whether a key-information-leakage vulnerability exists, and comprises:

1) parsing the WSDL protocol to obtain the external interface information, where the obtainable information includes the target namespace, service name, port name, operation name, and input and output parameters; the workflow of the WSDL document parser is: first obtain the root node of the service, definitions, from the WSDL document; obtain the service name through the definiton.getServices method, which returns an array of services; obtain the service ports through the service.getPorts method, which returns an array of service ports; obtain the binding with port.getBinding, which returns the bound port; then, in a loop, for each selected operation name, use the analysisOperation method, which analyzes the operation and returns its specific information, to obtain the names and types of the input parameters and output parameters; when parsing ends, write all the obtained information to the user-specified file object File for other modules to read;

2) using the obtained interface names and parameter types, converting each interface into the form of a legal Java statement as input to the slicer; after the other configuration the slicer needs is completed, including specifying the slice scope and type, calling the slice calculation function to slice the source program, and obtaining the interface-related information flow from the slice result;

3) matching the key information to be protected against the interface information flow; if the two overlap, a security vulnerability is judged to exist in the current Web service;

said Web service network security analysis analyzes the interface calls between services; taking a call between two Web services as the representative case, the analysis determines whether the target Web service calls a target operation in another Web service by checking whether the calling address (Endpoint) of the target Web service and the target operation appear, and in what order they appear; when analyzing dangerous interface calls between services, the inputs are the source file of the Web service being analyzed and the security vulnerability information file, the latter being produced by the slicer module; the security vulnerability information file provides the URI (Universal Resource Identifier) of the service that contains the vulnerability, together with the corresponding dangerous operation; these three are matched against one another, and a successful match means that the analyzed Web service does call an operation that contains a security vulnerability, which causes the vulnerability to spread; otherwise, this Web service is considered not to spread the vulnerability; for a call relationship judged to carry a security vulnerability, a new security vulnerability exists in the calling web service, and it is added to the new list of dangerous interfaces.

4. The method for establishing a Web service security analysis model based on program slicing according to claim 1, characterized in that said establishing of a security report module provides solutions for mitigating vulnerabilities from two angles:

(1) adding security mechanisms, including authorization, authentication, XML signature or XML encryption (XML is the Extensible Markup Language), so that only clients in specific roles are allowed to access the service; the measures that can be taken include authentication, signatures, selective encryption of SOAP messages, and a two-layer access control mechanism;

(2) unpublishing the interface that has the security vulnerability: removing the interface that has the security vulnerability from the WSDL file and modifying the source file, including making the method private or changing the method name.

5. The method for establishing a Web service security analysis model based on program slicing according to claim 1 or 2, characterized in that, in said establishing of a slicer module, the slicer module further specifically comprises slice calculation: in the implementation, the whole slice calculation process consists of multiple phases; the slicer's entire execution is divided into several phases, static analyses or processes are executed within a phase, and the start and end of those analyses or processes can be marked; each major phase consists of 0 or more minor phases, executed in sequence; a process is a series of program behaviors that together accomplish a specific function; the first major phase is the slice calculation phase, which consists of 3 minor phases, namely the object flow analysis phase, the dependency analysis phase and the slice collection phase; the second major phase is the slice result processing phase, which has no minor phase; the execution process is:

1) first, initialize a slicer object, which includes specifying the program to be sliced, the slice scope and the slice type;

2) perform object flow analysis in the slicer engine; after the tag name is specified and the system environment variables and slice configuration are loaded, object flow analysis and dependency analysis are executed to generate the program dependence graph;

3) collect the slice: driven by the slicer engine, the nodes of the program's AST (Abstract Syntax Tree) that are part of the slice are annotated with the specified tag name tagName; a node annotated with the specified tagName belongs to the slice; the annotated nodes are of two types, held in two collections, taggedClasses and taggedMethods; the slice is identified in this way;

4) process the slice result, completing the mapping from Jimple statements to Java statements: the statements that belong to the slice are identified by the previously specified tagName, and then, using the source line number information carried by each statement, the corresponding Java statement is identified in the source program, converting a slice result in Jimple form into ordinary Java statements.

CN2009100693254A 2009-06-18 2009-06-18 Method for estabilishing Web service security analysis model based on program slice Active CN101588363B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100693254A CN101588363B (en) 2009-06-18 2009-06-18 Method for estabilishing Web service security analysis model based on program slice

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009100693254A CN101588363B (en) 2009-06-18 2009-06-18 Method for estabilishing Web service security analysis model based on program slice

Publications (2)

Publication Number Publication Date
CN101588363A CN101588363A (en) 2009-11-25
CN101588363B true CN101588363B (en) 2011-12-14

Family

ID=41372426

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100693254A Active CN101588363B (en) 2009-06-18 2009-06-18 Method for estabilishing Web service security analysis model based on program slice

Country Status (1)

Country Link
CN (1) CN101588363B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873323B (en) * 2010-06-21 2012-09-05 南京邮电大学 Web service platform based on program slicing technique
CN102193556B (en) * 2011-04-18 2012-10-31 华东师范大学 Automobile electronic device interrupt safety hidden danger detection system and its detection method
CN102790712B (en) * 2011-05-17 2015-07-15 北京航空航天大学 Web service security treatment method and system
CN104933360B (en) * 2015-05-21 2018-05-18 中国科学院信息工程研究所 Android platform based on program dependency graph is counterfeit to apply detection method
CN106534167A (en) * 2016-12-06 2017-03-22 郑州云海信息技术有限公司 Network encryption transmission method based on XML and system
US11763007B1 (en) * 2023-04-19 2023-09-19 Citibank, N.A. Systems and methods for performing vulnerability assessment on partially functional applications

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1140519A (en) * 1994-12-07 1997-01-15 美国松下电器公司 Security system for interconnected computer networks
US20060008088A1 (en) * 2004-07-09 2006-01-12 Nokia Corporation Software plug-in framework to modify decryption methods in terminals
CN1909551A (en) * 2005-08-03 2007-02-07 北京航空航天大学 Data Exchange Method Based on Web Service

Also Published As

Publication number Publication date
CN101588363A (en) 2009-11-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20201120

Address after: No.150 Pingdong Avenue, Pingchao Town, Tongzhou District, Nantong City, Jiangsu Province

Patentee after: Jiangsu Yongda power telecommunication installation engineering Co.,Ltd.

Address before: 300072 Tianjin City, Nankai District Wei Jin Road No. 92

Patentee before: Tianjin University

TR01 Transfer of patent right
CP03 Change of name, title or address

Address after: 226300 150 Pingdong Avenue, Pingchao Town, Tongzhou District, Nantong City, Jiangsu Province

Patentee after: Jiangsu Yongda Energy Group Co.,Ltd.

Country or region after: China

Address before: No. 150 Pingdong Avenue, Pingchao Town, Tongzhou District, Nantong City, Jiangsu Province

Patentee before: Jiangsu Yongda power telecommunication installation engineering Co.,Ltd.

Country or region before: China

CP03 Change of name, title or address