A Tool for Supporting Developers in Analyzing the Security of Web-Based Security Protocols

  • Giancarlo Pellegrino
  • Luca Compagna
  • Thomas Morreggia
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8254)


Security protocols are specified in natural language, are highly configurable, and may not match the internal requirements of the development company. As a result, developers may misunderstand the specifications, may not grasp the security implications of configurations, and may deviate from the specifications, introducing flaws. However, none of the existing security testing techniques provides the features, scalability, and usability to support developers in assessing the security of protocol configurations and deviations. This paper presents a tool that leverages existing design verification and security testing techniques and extends them to support developers in analyzing security protocols. We used the tool for the analysis of prominent security protocols (i.e., SAML SSO, OpenID, OAuth2), and of six industrial-size implementations.


Keywords: Model Checker; Security Protocol; Derivation Tree; Security Testing; Implementation Decision



Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Giancarlo Pellegrino (1, 2)
  • Luca Compagna (2)
  • Thomas Morreggia (2)
  1. Eurecom, Sophia-Antipolis, France
  2. SAP AG, France
