Web Service Security Through A Guard. Roxanne Yee. Home Institution: University of Hawaiʻi at Mānoa. Internship Site: Akimeka, LLC. Mentor: Marc Lefebvre.

Presentation transcript:

1 Web Service Security Through A Guard Roxanne Yee Home Institution: University of Hawaiʻi at Mānoa Internship Site: Akimeka, LLC Mentor: Marc Lefebvre Advisor: Todd Lawson

2 Presentation Overview Project Hierarchy and Motivation Background and Terminology Guard Web Service Security My Specific Part Test Bench An Example Questions

3 Information Assurance (IA) Group; Cross Domain Solutions (CDS) Group; GWSG (Global Web Services Gateway) Project; Service Oriented Architecture (SOA) Test Lab. Customers: National Security Agency (NSA), Defense Information Systems Agency (DISA)

4 GWSG Project Motivation Goal To enhance the capabilities of a user on a classified network to gain immediate access to data available on an unclassified network Unclassified Database Classified Network User

5 GWSG Project Motivation One Method Currently Used To Access Data Unclassified Database Classified Database Classified Network User (Soldier) Sneaker-net

6 GWSG Project Motivation Disadvantages to Current Methods Redundancies of Data Time Costly Replication Transportation Need For Data Synchronization Frequent Updates No Guarantee of Data Availability Extra Manpower by Man-In-The-Loop

7 GWSG Project Motivation New Cross Domain Solution (CDS) Web Services Technology Unclassified Database Classified Network User (Soldier) Guard

8 SOA Test Lab Component Goal Evaluate Guards Specified by NSA and DISA. Compare capability and effectiveness to process message formats used by web services today. Provide the best guard solution given a specific situation in which the guard would be applied.

9 My Part In The SOA Test Lab Research and Document How To Implement Web Service Security Controlled and Predictable Environment Test Web Service Findings To Be Used In SOA Test Lab Foundation Template

10 WSS, SOAP, and HTTP. WSS or WS-Security (Web Service Security): OASIS (Organization for the Advancement of Structured Information Standards), Applied to SOAP Messages. SOAP (Simple Object Access Protocol): Message Format. HTTP (Hypertext Transfer Protocol): Transport Protocol

11 The Project: Test Bench Client and Server on same computer Communicate through localhost interface Client (soapUI) Server (Axis2) * SOAP Request and SOAP Response

12 The Project: Open-Source Software. Server Side: Tomcat, Axis2 1.4, Rampart 1.4. Client Side: soapUI 2.0.2

13 The Project: Test Bench Client and Server on same computer Communicate through localhost interface Client (soapUI) Server (Axis2) * SOAP Request with WSS

14 soapUI Outgoing Configuration Interface Used to Apply WSS to Request To Server

15 A SOAP Message Request w/o WSS Hello? Usual Request soapUI Sends w/o WSS

16 A SOAP Message Request Header with WSS <wsse:UsernameToken wsu:Id=“UsernameToken ” xmlns:wsu:=“ alice bobPW Additional WSS Information Applied To Usual Request soapUI

17 The Project: Test Bench Client and Server on same computer Communicate through localhost interface Client (soapUI) Server (Axis2) * SOAP Response with WSS

18 services.xml Without Rampart <messageReceiver class= "org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> org.apache.rampart.samples.policy.sample01.SimpleService Usual Configuration Scheme For A Service on The Server

19 services.xml with Rampart <sp:UsernameToken sp:IncludeToken= " username org.apache.rampart.samples.policy.sample01.PWCBHandler Additional Code To Tell Rampart What Type of WSS To Expect

20 The Project: Test Bench Client and Server on same computer Communicate through localhost interface Client (soapUI) Server (Axis2) * SOAP Messages with WSS

21 The Project: Ultimate Purpose Client (soapUI) Server (Axis2) * SOAP over HTTP with WSS * Proprietary Format over Proprietary Protocol localhost Classified Unclassified Guard XML Firewall XML Firewall

22 WSS Mechanisms Attempted: User Name Token (Username and Password); Timestamp (Time to Live); Encryption (Confidentiality); Signature (Integrity and Authentication)

23 An Example: Test Web Service Client Server “Hi!”

24 An Example: Valid User Name Token Client Server Echo Correct Username And Password

25 An Example: Invalid User Name Token Client Server Incorrect Username And/Or Password Error

26 An Example: Test Results
Username | Password | Result
Correct | Correct | Echo
Incorrect | Incorrect | Error
Blank | Blank | Error
Correct | Incorrect | Error
Correct | Blank | Error
Incorrect | Correct | Error
Incorrect | Blank | Error
Blank | Correct | Error
Blank | Incorrect | Error
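
The username/password matrix from slides 24 to 26, as an added example that is not part of the original presentation or of the Rampart code: a Python check that extracts the WS-Security UsernameToken from a SOAP request and returns Echo or Error. The `echo` body element, the function names and the incorrect sample values are assumptions; `alice` and `bobPW` are the values visible on slide 16.

```python
import hmac
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Standard SOAP 1.1 and WS-Security 1.0 namespace URIs (not legible on the slides).
NS = {"s": "http://schemas.xmlsoap.org/soap/envelope/",
      "wsse": "http://docs.oasis-open.org/wss/2004/01/"
              "oasis-200401-wss-wssecurity-secext-1.0.xsd"}
USERS = {"alice": "bobPW"}  # constructed store; values as shown on slide 16

def build_request(username, password, body="Hi!"):
    """Constructed sample request; the <echo> body element is hypothetical."""
    return ('<s:Envelope xmlns:s="%s" xmlns:wsse="%s"><s:Header><wsse:Security>'
            '<wsse:UsernameToken><wsse:Username>%s</wsse:Username>'
            '<wsse:Password>%s</wsse:Password></wsse:UsernameToken>'
            '</wsse:Security></s:Header><s:Body><echo>%s</echo></s:Body>'
            '</s:Envelope>' % (NS["s"], NS["wsse"], escape(username),
                               escape(password), escape(body)))

def handle(envelope_xml):
    """Return ('Echo', text) for a valid token, ('Error', reason) otherwise."""
    try:
        # A production guard would use a hardened parser (e.g. defusedxml).
        root = ET.fromstring(envelope_xml)
    except ET.ParseError:
        return ("Error", "malformed XML")
    tokens = root.findall("s:Header/wsse:Security/wsse:UsernameToken", NS)
    if len(tokens) != 1:  # missing or duplicated token: fail closed
        return ("Error", "expected exactly one UsernameToken")
    user = tokens[0].findtext("wsse:Username", default="", namespaces=NS)
    pw = tokens[0].findtext("wsse:Password", default="", namespaces=NS)
    expected = USERS.get(user)
    # Always run the constant-time compare so unknown users cost the same time.
    match = hmac.compare_digest((expected or "").encode(), pw.encode())
    if expected is None or not pw or not match:
        return ("Error", "authentication failed")  # same fault for every cause
    return ("Echo", root.findtext("s:Body/echo", default="", namespaces=NS))

def run_matrix():
    """Classify all nine username/password combinations from the table."""
    cases = {"Correct": ("alice", "bobPW"),
             "Incorrect": ("mallory", "wrong"),
             "Blank": ("", "")}
    return {(u, p): handle(build_request(cases[u][0], cases[p][1]))[0]
            for u in cases for p in cases}

if __name__ == "__main__":
    for combo, result in run_matrix().items():
        print(combo, "->", result)
```

Every rejected case returns the same fault text, so a caller cannot tell from the response whether the username or the password was wrong.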

27 Actual SOA Test Lab Setup

28 Acknowledgements VP Operations Matt Granger Program Manager Todd Lawson Mentor Marc Lefebvre GWSG Bryan Berkowitz Casey McGinty Scott Oshita Christopher Paris Derek Terawaki Helpful Coworkers Conrado Cortez Deanna Garcia Mark Mizubayashi Former Cubiclemates Ellen Federoff Kelly Ledford And Everyone Else Who Made Me Feel Welcome!

29 Acknowledgements Maui Akamai Internship Program Funding Center for Adaptive Optics (CfAO) National Science Foundation and Technology Center Grant (#AST ) Akamai Workforce Initiative National Science Foundation Grant and Air Force Office of Scientific Research Grant (#AST ) University of Hawaiʻi Grant Program Staff Lisa Hunter Lani LeBron Scott Seagroves Lynne Raschke Short Course Instructors Dave Harrington Ryan Montgomery Isar Mostafanezhad Mark Pitts Sarah Sonnet And Everyone Else Who Contributed To This Valuable Experience!

30 Thank you! Any Questions?