The AVANTSSAR Platform is an integrated toolset for the formal specification and automated validation of trust and security of service-oriented architectures and other applications in the Internet of Services. The platform supports application-level specification languages (such as BPMN and our custom languages) and features three validation backends (CL-AtSe, OFMC, and SATMC), which provide a range of complementary automated reasoning techniques (including service orchestration, compositional reasoning, model checking, and abstract interpretation). We have applied the platform to a large number of industrial case studies, collected into the AVANTSSAR Library of validated problem cases. In doing so, we unveiled a number of problems and vulnerabilities in deployed services. These include, most notably, a serious flaw in the SAML-based Single Sign-On for Google Apps (now corrected by Google as a result of our findings). We also report on the migration of the platform to industry. © 2012 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Armando, A., Arsac, W., Avanesov, T., Barletta, M., Calvi, A., Cappai, A., … Viganò, L. (2012). The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7214 LNCS, pp. 267–282). https://doi.org/10.1007/978-3-642-28756-5_19
Mendeley helps you to discover research relevant for your work.