DOC PREVIEW
UTD CS 6V81 - Security for Web Services and Service Oriented Architectures

This preview shows page 1-2-3-4-26-27-28-53-54-55-56 out of 56 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 56 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Security for Web Services and Service Oriented ArchitecturesAcknowledgementObjective and ScopeOutlineService Oriented Architecture (SOA) http://en.wikipedia.org/wiki/Service-oriented_architectureWeb service definitionSOAWeb Services (WS) FrameworkStandardization bodies related to Web ServicesSOA SecurityBasic Components of SOA SecurityWeb Services Security: Requirements and StandardsWS-* security Standards frameworkWS-* security standards implementationsXML EncryptionXML SignatureSecuring SOAP messages Web Services Security: SOAP Message Security 1.1 (WS-Security 2004) Status: Approved OASIS Standard Specification 1 February 2006What is WS-Security?WS-PolicyXACMLXACML – Key AspectsXACML data flow modelXACML ProtocolSlide 24Slide 25XACML policySecurity Assertion Markup Language (SAML)SAML basic conceptsSAML assertionsSAML entitiesSAML and XACMLSAML & Federated IdentitySummary PointsAppendixSecuring the network traffic: SSL/TLS and IPsecWS-Policy: Policy modelWS-Policy exampleSlide 38WS-Security mechanisms and considerationsWS-Security request exampleWS-SecureConversationSecurity policies for Web ServicesXACML Profile for Web-ServicesSAML profilesPolicies and Policy SetsOverview of the Policy ElementStandards for security management: XKMS (XML Key Management Standard)XKMS servicesStandards for security management: WS-TRUSTWS-TrustWS-Trust: trust modelWS-Trust: exampleWS-* Security standards and securityWS-* Security standards and interoperabilityWS-* Security standards and performanceXML Accelerators and FirewallsSecurity for Web Services and Service Oriented ArchitecturesBhavani ThuraisinghamThe University of Texas at DallasNovember 5, 20102AcknowledgementProfessors Elisa Bertino and Lorenzo Martino; Purdue University for much of the information and charts on web services security standards and digital identity management [email protected][email protected]Others:Dr. Frederica Pacci; University of Milan for ideas obtianed when serving on her thesis committee on reserach in web services securityProf. I-Ling Yen and Wei-She; University of Texas at Dallas for collaboration on web services security and the delegation modelBook by Thomas Erl on Service Oriented Architectures, Prentice Hall, 20053Objective and ScopeThe objective of this course is to provide an overview of the significant developments in SOA and Web Services Security Standards as well as directions for future developmentsCurrent work on SOA security is focusing mainly on access control as well as confidentiality and integrity.Solutions proposed for systems to address intrusion detection, denial of service and infrastructure attacks, insider threat analysis including data mining techniques for security applications are beyond the scope of this course.4OutlineSOA and Web services: OverviewSOA and Web services security: OverviewWS-Security and WS-* Security5Service Oriented Architecture (SOA) http://en.wikipedia.org/wiki/Service-oriented_architectureService Oriented Architecture (SOA) is an architectural style that guides all aspects of creating and using business processes, packaged as services, throughout their lifecycle, as well as defining and provisioning the IT infrastructure that allows different applications to exchange data and participate in business processes loosely coupled from the operating systems and programming languages underlying those applicationsSOA represents a model in which functionality is decomposed into distinct units (services), which can be distributed over a network and can be combined together and reused to create business applicationsThese services communicate with each other by passing data from one service to another, or by coordinating an activity between two or more services. SOA concepts makes software development flexible and extensibleService oriented analysis is becoming key to modeling and analyzing softwareThe concepts of Service Oriented Architecture are often seen as built upon, and the evolution of, the older concepts of distributed computing and modular programmingWhile object-orientation views the world as a collection of objects, service orientation views the world as a collection of servicesSOA is technology independent; however it is commonly realized using web services6Web service definition“A Web Service is a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards.”Source: http://www.w3.org/TR/ws-arch/7SOAService requestorService providersUDDIPublish ServicesQueryRequestAnswerResponse8Web Services (WS) FrameworkAn abstract (vendor neutral) existence defined by standards organizations and implemented by (proprietary) technology platformsCore building blocks that include web sercices, service descriptions and messagesA communication agreement centered around service descriptions and WSDLA messaging framework comprised of SOAP technology conceptsA service description registration and discovery architecture sometimes realized through UDDIA well defined architecture that supports messaging patterns and compositionsA second generation of web services extensions (also known as WS-* specifications) continually broadening its underlying feature-setConcepts in WS-* include: Message Exchange Patterns (MEP), Service Activity, Coordination, Atomic Transaction, Business Activities, Orchestration (WS-BPEL), Choreography (WS-CDL)Reference: Service Oriented Architecture, Thomas Erl, Prentice Hall, 20059Standardization bodies related to Web Services10SOA SecurityOur approach is to implement SOA through web services; therefore SOA security essentially is about web services securityThree core specificationsWS-Security, XML-Signature, XML-EncryptionWS*-Security is the second generation of technologies for SOA securitySingle sign-on (SSO) is a form of centralized security mechanism that complements the WS-Security extensionsRelated specifications for SOA securityWS-Security, WS-SecurityPolicy, WS-Trust, WS-SecureConversation, WS-Federation, XACML, Extensibe Rights Markup Language, XML Key Management, XML, Signature, SAML, .NET


View Full Document

UTD CS 6V81 - Security for Web Services and Service Oriented Architectures

Documents in this Course
Botnets

Botnets

33 pages

Privacy

Privacy

27 pages

Privacy

Privacy

27 pages

Load more
Download Security for Web Services and Service Oriented Architectures
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Security for Web Services and Service Oriented Architectures and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Security for Web Services and Service Oriented Architectures 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?