Florida Atlantic University Department of Electrical and Computer Engineering & Computer Science (ECECS) Security Systems.

Presentation transcript:

Florida Atlantic University, Department of Electrical and Computer Engineering & Computer Science (ECECS)
Security Systems Research Group, Fall 2009
Web Services: "Web Services Policy Standard"
Ola Ajaj
Copyright © 2009 Ola Ajaj

Q: What are WS Specifications?
- Specifications have been developed or are currently being developed to extend Web Services capabilities. These specifications are generally referred to as WS-*.
- Specifications may complement, overlap, and compete with each other.
- The current status of Web Services standards is discussed and classified in the paper "Web services security: Standards and products" [Fer09].

[Fer09] E. B. Fernandez, K. Hashizume, I. Buckley, M. M. Larrondo-Petrie, and M. VanHilst, "Web services security: Standards and products", to appear in "Web Services Security Development and Architecture: Theoretical and Practical Issues", Carlos A. Gutierrez, Eduardo Fernandez-Medina, and Mario Piattini (Eds.), IGI Global.

Security Standards (diagram): WS-Federation, WS-SecureConversation, WS-Authorization, WS-Policy, WS-Trust, WS-Privacy, XKMS, XML Encryption, XML Digital Signature, SOAP Foundation, WS-Security, SAML, XACML, SPML.

Q: What are WS Specifications?
- Transactions: WS-Coordination, WS-AtomicTransaction, WS-BusinessActivity
- Metadata: WS-Policy, WS-PolicyAssertions, WS-PolicyAttachment, WS-SecurityPolicy, WS-Discovery, WS-MetadataExchange
- Messaging: WS-Addressing, WS-Eventing, MTOM (Attachments)
- Reliability: WS-ReliableMessaging
- Security: WS-Security, WS-Trust, WS-SecureConversation, WS-Federation, WS-Privacy

Diagram labels: XML Encryption, Symmetric Encryption, Asymmetric Encryption, XSAML, XML Signature, Digital Signature With Hashing, WS-Security, WS-Policy, WS-Federation, WS-Trust, WS-Secure Conversation.

Starting Point
- Web Services standards can be:
  - Lengthy documents.
  - Too many details.
  - Difficult for vendors to develop products.
  - Difficult for users to decide what product to use.
- Also, several organizations with different goals have developed standards that may overlap and even conflict with each other.
- We develop patterns for these standards to have a better understanding of them.

Q: What is WS-Policy Model?
(Diagram: Provider, Consumer and Broker (UDDI). Provider and Broker: PublishService, PublishServiceMetadata. Consumer and Broker: FindService, FindServiceRequest, FindServiceResponse. Consumer and Provider: Create Purchase Order over SOAP/HTTP, CreatePurchaseOrderRequest, CreatePurchaseOrderResponse.)

Q: How to Attach Policy to WSDL and UDDI?
- WSDL
  - Policy references are made via global attributes or the PolicyReference element as defined in WS-Policy
  - Policy references can be made to policy expressions defined inline, e.g. in the wsdl:definitions section
- UDDI
  - Policy references are made via the UDDI categorization mechanism
  - Policy expressions are always remote to UDDI entities
  - Reusable policy expressions can be registered as distinct tModels
  - Policy-based discovery is limited to policy expression URIs

Q: How to achieve Policy Exchange?
- Peer-to-peer
  - Consumer retrieves policy from provider (e.g. WS-MetadataExchange)
- Brokered approach
  - Provider publishes policy to broker (e.g. UDDI)
  - Consumers subscribe to Web services used
  - Broker notifies consumers in case changes occur
(Diagram: Provider, Consumer, Broker; policies P and P'.)

Agenda
- Introduction
- Domain Terminology
- Policy Expressions
- Policy Assertions
- Policy Attachments
- Conclusion
- Policy In Action

WS-Policy
- Why?
  - To integrate software systems with web services.
- What?
  - Provides a flexible and extensible grammar for expressing the capabilities, requirements, and general characteristics of Web Service entities
- How?
  - Defines a model to express these properties as policies
- Without this standard, developers need docs.

- Goal:
  - Provide the mechanisms needed to enable Web Services applications to specify policies
- WS-Policy specifies:
  - An XML-based structure called a policy expression containing policy information
  - Grammar elements to indicate how the contained policy assertions apply

Domain Terminology (Web Services Policy 1.5 – Framework)

Terminology
- Policy: an empty collection of policy alternatives.
- Policy Alternative: an empty collection of policy assertions.
- Policy Assertion: represents a requirement, a capability, or other property of a behavior.
- Policy Expression: set of one or more policy assertions.
- Policy Subject: an entity (e.g., an endpoint, message, resource, operation) with which a policy can be associated.

Q: What is WS-Policy Model?
Policy Normal Form
- Policy Expression: collection of alternatives ("pick one")
- Policy Alternative: collection of assertions ("do all")
- Policy Assertion: domain-specific behavior
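
Added example (not from the original slides): the normal form as code, assuming the WS-Policy 1.5 elements wsp:ExactlyOne and wsp:All and a constructed assertion namespace urn:example:assertions. It lists the alternatives a consumer can satisfy and flags alternatives that omit a required assertion, such as an empty alternative, which demands no behavior at all.

```python
import xml.etree.ElementTree as ET

WSP = "http://www.w3.org/ns/ws-policy"   # WS-Policy 1.5 namespace
EX = "urn:example:assertions"            # hypothetical assertion namespace (assumption)

# Constructed provider policy in normal form:
# wsp:Policy > wsp:ExactlyOne ("pick one") > wsp:All ("do all") > assertions.
PROVIDER_POLICY = f"""
<wsp:Policy xmlns:wsp="{WSP}" xmlns:ex="{EX}">
  <wsp:ExactlyOne>
    <wsp:All><ex:SignedBody/><ex:EncryptedBody/></wsp:All>
    <wsp:All><ex:SignedBody/></wsp:All>
    <wsp:All/>
  </wsp:ExactlyOne>
</wsp:Policy>
"""

def alternatives(policy_xml):
    """Return every policy alternative as a frozenset of assertion QNames."""
    root = ET.fromstring(policy_xml)
    if root.tag != f"{{{WSP}}}Policy":
        raise ValueError("root element is not wsp:Policy")
    exactly_one = root.find(f"{{{WSP}}}ExactlyOne")
    if exactly_one is None:
        raise ValueError("policy expression is not in normal form")
    return [frozenset(assertion.tag for assertion in alt)
            for alt in exactly_one.findall(f"{{{WSP}}}All")]

def usable(policy_xml, supported):
    """Alternatives a consumer can satisfy: it must support all assertions in one."""
    return [alt for alt in alternatives(policy_xml) if alt <= supported]

def weak_alternatives(policy_xml, required):
    """Alternatives missing a required assertion; a consumer is free to pick them."""
    return [alt for alt in alternatives(policy_xml) if not required <= alt]

if __name__ == "__main__":
    signed = f"{{{EX}}}SignedBody"
    print("usable:", usable(PROVIDER_POLICY, {signed}))
    print("weak:  ", weak_alternatives(PROVIDER_POLICY, {signed}))
```

Running weak_alternatives against a published policy before deployment shows whether the "pick one" choice lets a consumer skip a protection the provider meant to require.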

- Claim: A security statement about a subject.
- Subject: An item, e.g. a Web Service, to which the claims expressed in the security token apply.
- Security token: A representation of a security statement.
- Web Service endpoint policy: The claims and related information that Web Services require in order to process messages.

Terminology
- Policy Attachment: the mechanism for associating policy expressions with one or more subjects.

Policy Expressions
- A Policy Expression is the XML representation of a policy
- XML facilitates interoperability between heterogeneous platforms.

Policy Assertions
- A policy assertion:
  - Represents an individual preference, requirement, capability, or other characteristic
  - Is the basic building block of a policy expression
  - Is an XML element with a well-known name and meaning

General Assertion Example
    <wsp:SpecVersion wsp:Usage="wsp:Required" URI="..." />
    ...
What does this Assertion state? The subject requires:
- The UTF-8 character encoding
- Any form of the English language
- SOAP version 1.1

Policy Reference
- Mechanism to share policy assertions across policy expressions
- Uses the naming conventions discussed above
    ...
    <wsp:PolicyReference URI="..." Ref="..." Digest="..." DigestAlgorithm="..." />
    ...

Policy Reference Example
    <wsp:Policy wsu:Id="tokensWithSignature" xmlns:wsp="..." xmlns:wsse="...">
      ...
    </wsp:Policy>
    <wsp:Policy wsu:Id="tokensWithEncryption" xmlns:wsp="..." xmlns:wsse="...">
      ...
    </wsp:Policy>

Policy Attachments
- WS-PolicyAttachment defines mechanisms to associate expressions with subjects
- Specifically defines mechanisms for:
  - XML elements
  - WSDL definitions
  - UDDI entries
- Uses attributes
  - wsp:PolicyURIs: list of URIs
  - wsp:PolicyRefs: list of QNames

Policy Attachments
- The attribute wsp:PolicyAttachment binds an endpoint to a policy expression
- Requires no change to the web service
    s:SomePortType s:SomeService...

Conclusion of WS-Policy
- The policy specifications define a standard framework
- Developers can:
  - express requirements, capabilities, and preferences in an interoperable way.
  - select web services more meaningfully.
- Policies provide support for standard assertions.

Policy In Action
- Web Service Enhancements (WSE) 2.0 for .NET 2.0 provides basic support for WS-Policy