AUTHOR=Saeed Mozamel M. TITLE=Cloud security and authentication vulnerabilities in SOAP protocol: addressing XML-based attacks JOURNAL=Frontiers in Computer Science VOLUME=Volume 7 - 2025 YEAR=2025 URL=https://www.frontiersin.org/journals/computer-science/articles/10.3389/fcomp.2025.1595624 DOI=10.3389/fcomp.2025.1595624 ISSN=2624-9898 ABSTRACT=Introduction: This research addresses security weaknesses in SOAP-based web services, with a particular focus on authentication vulnerabilities arising from XML-based attacks such as XML Signature Wrapping and replay attacks. Because a growing number of cloud services rely on SOAP, the study aims to develop a formally verified model that can identify and address these vulnerabilities more effectively. Method: We propose and implement a TulaFale-based verification framework that formally models SOAP authentication scenarios using the standard WS-Security constructs UsernameToken, Timestamp, and X.509 certificates. The TulaFale scripts are translated into the applied pi-calculus and verified with the ProVerif tool to check properties such as authentication, confidentiality, and message integrity. Results: By examining XML web-services security problems and consulting security professionals, a number of key risks were identified and discussed. The research contributes a language design for cloud security and vulnerability analysis built on Blanchet's ProVerif. A controlled experimental testbed was set up to emulate client-server SOAP communication and to evaluate the model's effectiveness in identifying XML-based attacks on the web-services security framework. The framework was evaluated for verification time, scalability under concurrency, and identification accuracy.
The results confirm that the approach identifies the attack patterns and validates secure message exchanges that follow the WS-Security standard. Discussion: The proposed approach brings automated formal verification to realistic SOAP deployments. By modeling and verifying a security protocol before deployment, developers can gain confidence that their implementation resists protocol-level vulnerabilities, improving trust in the security of web services deployed in cloud applications.
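The two XML-based attacks the abstract names, XML Signature Wrapping and replay of a UsernameToken/Timestamp-authenticated request, shown concretely on a simplified WS-Security envelope. This is an added Python example written for this page, not the paper's TulaFale/ProVerif model or any code from the article. The namespace URIs and element names (wsu:Timestamp, wsse:UsernameToken, ds:Reference) are the standard SOAP 1.1, WSS 1.0 and XML-DSig ones, but the digest is a stand-in (SHA-256 over ElementTree's serialization of the element, with no C14N and no signature over SignedInfo), the envelope contents are constructed sample data, and the names build_envelope, wrap_attack, Verifier and run_scenarios are chosen here.

```python
"""Added example: XML Signature Wrapping and UsernameToken replay against a
simplified WS-Security envelope. Assumption: ds:DigestValue is SHA-256 over
the element as ElementTree serializes it; real XML-DSig applies C14N and
then signs SignedInfo, which is abstracted away here."""
import hashlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
for _p, _u in NS.items():
    ET.register_namespace(_p, _u)
WSU_ID = "{%s}Id" % NS["wsu"]

def q(prefix, local):
    return "{%s}%s" % (NS[prefix], local)

def iso(dt):
    return dt.strftime("%Y-%m-%dT%H:%M:%SZ")

def parse_iso(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def digest(elem):
    # Stand-in for ds:DigestValue (see the assumption above).
    return hashlib.sha256(ET.tostring(elem)).hexdigest()

def build_envelope(username, nonce, created, body_xml):
    """Constructed client request: Timestamp and UsernameToken in the
    wsse:Security header, and a ds:Reference URI="#Body-1" over the Body."""
    env = ET.Element(q("soap", "Envelope"))
    sec = ET.SubElement(ET.SubElement(env, q("soap", "Header")), q("wsse", "Security"))
    ts = ET.SubElement(sec, q("wsu", "Timestamp"))
    ET.SubElement(ts, q("wsu", "Created")).text = iso(created)
    ET.SubElement(ts, q("wsu", "Expires")).text = iso(created + timedelta(minutes=5))
    ut = ET.SubElement(sec, q("wsse", "UsernameToken"))
    ET.SubElement(ut, q("wsse", "Username")).text = username
    ET.SubElement(ut, q("wsse", "Nonce")).text = nonce
    ET.SubElement(ut, q("wsu", "Created")).text = iso(created)
    body = ET.SubElement(env, q("soap", "Body"), {WSU_ID: "Body-1"})
    body.append(ET.fromstring(body_xml))
    sig = ET.SubElement(sec, q("ds", "Signature"))
    ref = ET.SubElement(ET.SubElement(sig, q("ds", "SignedInfo")), q("ds", "Reference"), URI="#Body-1")
    ET.SubElement(ref, q("ds", "DigestValue")).text = digest(body)
    return ET.tostring(env)

def wrap_attack(envelope, injected_body_xml):
    """XML Signature Wrapping: keep the signed Body intact (so dereferencing the
    Reference by wsu:Id still yields a matching digest) but move it into a
    wrapper inside the Header, and add a new unsigned Body with the attacker's
    payload, which is what the application will process."""
    env = ET.fromstring(envelope)
    signed_body = env.find("soap:Body", NS)
    env.remove(signed_body)
    ET.SubElement(env.find("soap:Header", NS), "Wrapper").append(signed_body)
    ET.SubElement(env, q("soap", "Body")).append(ET.fromstring(injected_body_xml))
    return ET.tostring(env)

class Verifier:
    """Server side. strict=False dereferences the Reference by wsu:Id alone (the
    behaviour wrapping exploits); strict=True also requires the signed element
    to be the Body that is processed and wsu:Id values to be unique."""
    def __init__(self, now, skew=timedelta(minutes=5)):
        self.now, self.skew, self.seen_nonces = now, skew, set()

    def verify(self, envelope, strict=True):
        env = ET.fromstring(envelope)
        sec = env.find("soap:Header/wsse:Security", NS)
        body = env.find("soap:Body", NS)
        # 1. Timestamp window: not expired, and not created in the future (beyond skew).
        ts = sec.find("wsu:Timestamp", NS)
        created = parse_iso(ts.findtext("wsu:Created", namespaces=NS))
        expires = parse_iso(ts.findtext("wsu:Expires", namespaces=NS))
        if not (created - self.skew <= self.now <= expires):
            return False, "timestamp outside window", None
        # 2. Replay: a UsernameToken nonce is accepted once within the window.
        nonce = sec.findtext("wsse:UsernameToken/wsse:Nonce", namespaces=NS)
        if nonce in self.seen_nonces:
            return False, "replayed nonce", None
        # 3. Dereference the signature Reference by wsu:Id and check its digest.
        ref = sec.find("ds:Signature/ds:SignedInfo/ds:Reference", NS)
        target = ref.get("URI").lstrip("#")
        matches = [e for e in env.iter() if e.get(WSU_ID) == target]
        if not matches or (strict and len(matches) > 1):
            return False, "reference target missing or ambiguous", None
        if digest(matches[0]) != ref.findtext("ds:DigestValue", namespaces=NS):
            return False, "digest mismatch", None
        # 4. Wrapping check: the signed element must be the very element acted on.
        if strict and matches[0] is not body:
            return False, "signature wrapping: signed element is not the processed Body", None
        self.seen_nonces.add(nonce)
        return True, "ok", ET.tostring(body[0], encoding="unicode")

def run_scenarios(now=datetime(2025, 1, 1, 12, 0, tzinfo=timezone.utc)):
    """Constructed scenarios; returns {name: (accepted, reason, processed body)}."""
    legit = build_envelope("alice", "n0nce-1", now, "<Transfer><Amount>10</Amount></Transfer>")
    wrapped = wrap_attack(legit, "<Transfer><Amount>1000000</Amount></Transfer>")
    stale = build_envelope("alice", "n0nce-2", now - timedelta(minutes=10), "<Ping/>")
    v = Verifier(now)
    out = {"legit": v.verify(legit), "replay": v.verify(legit), "stale": v.verify(stale)}
    out["wrapped_naive"] = Verifier(now).verify(wrapped, strict=False)
    out["wrapped_strict"] = Verifier(now).verify(wrapped)
    return out

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:15} accepted={result[0]!s:5} {result[1]}")
```

The naive verifier accepts the wrapped message and acts on the attacker's Body, because the digest check is performed on whatever element the wsu:Id resolves to rather than on the element the application processes; the strict verifier rejects it by insisting that the signed element and the processed element are one and the same object, which is the correspondence a formal model of the authentication property has to capture. The nonce cache and the Timestamp window together bound replay: a message is accepted at most once, and only while its Expires has not passed.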