Presented by Sonali Pagade Nibha Dhagat http www cs unb ca baseweb baseweb03 papers abbie barbir BaseWe b2003 paper1 pdf Introduction Web Services are emerging as an important technology for various forms of Information Services A key Enabler is to develop an effective security model for Web Services No broadly adopted specifications yet This paper describes a multi layered security architecture to be used by Enterprise for securing Web Services Introduction Some aspects of Web Services are standardized in OASIS Our goal is to develop Semantic Web Enabled Web Services The use of semantic web technologies such as ontologies will help in transforming the web into a distributed device that can handle machine processable and machine interpretable content Introduction This paper talks about an integrated security architecture that can be used at multiple layers in a network to ensure network and web service security Challenges and Requirements Requirements for providing end to end WS security are Authentication Mechanism Authorization to access resources Data integrity and confidentiality Integrity of transactions and communications Non repudiation End to end integrity and confidentiality of messages Security and Audit trials Distributed security policy enforcement Current Mechanisms Some of the important existing security standards are XKMS SAML XACML XML Signature and XML Encryption WS Security Integrated Security Architecture Organizations that are considering implementing Web Services need to make security an integral part of their efforts The Integrated Security Architecture promotes a process rather than an endpoint Effective security is not achieved through a one time initiative The integrated security architecture is based on the following key elements Multi layer security that defines security protection functions at application network assisted and network security levels Variable depth security across the enterprise and not just at the edge of the Internet Closed loop policy management Uniform access management Secure network operations Secure multimedia communications Integrated Security Architecture Basic Security Stages Integrated Security Architecture and Web Services Security Distributed Identities The users of Web Services may belong to various security domains and may need to communicate with each other using different identity verification schemes Distributed Policies Policy principles behind the Integrated Security Architecture enable organizations to support distributed policies as they relate to Web Services Secure Discovery The principles in the Integrated Security Architecture enable the development of secure discovery mechanisms whereby the policies that specify who can discover a service can be enforced Message Security Message security can ensure privacy confidentiality and interaction integrity Conclusion A key enabler of the development and future deployment of Semantic Web Services is the creation and adoption of an effective security model for the current generation of Web Services
View Full Document
Unlocking...