Implementing Web Services
Jim Farmer, JA-SIG Collaborative
As prepared for the Portal Symposium 4: Electronic Student Services, July 19, 2002, Chicago, Illinois
JA-SIG Workshop Series
Publisher’s note: The Portals symposium was rescheduled from July 19, 2002 to October 28-29, 2002 at Northwestern University’s Kellogg School of Management, Chicago, Illinois.
instructional media + magic, inc.
Web Services: The Business Opportunity
Web services defined
“Web services are a set of standards for how systems connect to each other, and communicate information. It’s an extension of a distributed computing framework, which provides an open standard that most software vendors support.”
Chandra Vekatapath, Market Manager, Web Services, IBM Corporation, The Business Integrator, Second Quarter 2002, pp. 5-11
Value of Web services
“[Web services] provides a facility for an application or a system to collaborate with another application or systems regardless of how the applications are implemented, regardless of where they are implemented, or on which platform they are implemented.”
Chandra Vekatapath, Market Manager, Web Services, IBM Corporation, The Business Integrator, Second Quarter 2002, pp. 5-11
Value of Web services
“Web services enable systems to collaborate with each other regardless of the underlying infrastructure.”
“Leverage existing infrastructure”
“Easily use business processes of your partners and customers.”
Chandra Vekatapath, Market Manager, Web Services, IBM Corporation, The Business Integrator, Second Quarter 2002, pp. 5-11
The business case
Originally, the exchange of data with others. Now, integration between disparate applications, disparate computer systems, disparate operating systems, disparate programming languages—the Enterprise Application Integration (EAI) bus.
“Getting access to stove-piped data is the primary reason for implementing Web services.”
Uttam Nasrsu, GIGA Information Group, at the FSA CIO Update Conference, Arlington, Virginia, May 8, 2002
Value of Web services technology
Open standards
Web service projects are taking one-fourth the time and costing one-fifth of comparable projects using traditional technology. Performance is 2 to 10 times better than expected.
HFC Bank – IFX credit card application using XML, SOAP and XSLT
Deutsche Bank Bauspar – FixML security transaction integration using XML messages and XSL transformations
Hypo Vereinsbank – Integration
Based on presentations at the XSLT [Invitational] Conference, Oxford University, April 8-9, 2001
“Best of Breed” strategy
“With Web services, best of breed becomes more feasible.”
“Web services will make best of breed more cost effective.”
Rick Bergquist, CTO of PeopleSoft, as quoted by Heather Harreld and Mark Jones in “Chasing suite success,” InfoWorld, Nr. 24, June 17, 2002.
EDI and Web services compared
                      Web services          EDI
Network topology      Network “cloud”       Hub and spoke
Processing cycle      Near instantaneous    Overnight batch
Data representation   Tagged                Positional
Response to change    Lower maintenance     High maintenance
Web Services: The Technology
Web services “building blocks”
XML – Defining data, retrieving data (RDF, XML Query), style and presentation (XHTML, XSL, XSLT)
SOAP – messaging mechanism
WSDL – define and describe Web services for applications
UDDI – service registry
Why XML and SOAP?
“[XML and SOAP] will become a widely implemented ‘standard’ because they are simple.”
Barry Walsh, University of Indiana, at the FSA CIO Update Conference, Arlington, Virginia, May 8, 2002
Typical SOAP implementation
[Diagram; labels: Access Provider, Data Provider, HTML over HTTP, SOAP over HTTPS, College, Target]
And now SAML
Security Assertion Markup Language: The set of specifications describing security assertions that are encoded in XML, profiles for attaching the assertions to various protocols and frameworks, the request/response protocol used to obtain the assertions, and bindings of this protocol to various transfer protocols (for example, SOAP and HTTP).
Security Services Technical Committee, Glossary for the OASIS Security Assertion Markup Language (SAML), Draft, January 10, 2002
SAML Authentication
[Diagram]
Andy Boots, FSA CIO Technology Update, May 8, 2002
Gleason’s “Transitive Trust”
[Diagram; label: SAML Assertions]
Authentication and authorization
[Diagram; labels: Access Provider, Data Provider, Login & Password, TLS Authentication, SAML Assertion, College, Target]
ebXML Security Profile 3: Non-persistent confidentiality and non-persistent authentication
ED/FSA “Transitive Trust”
[Diagram]
Andy Boots, FSA CIO Technology Update, May 8, 2002
ED/FSA “Transitive Trust”
[Diagram: Transitive Trust – Technical Vision; labels: FSA Systems/Datastores, FSA SECURITY BOUNDARY, Internet, School or Other Official, School/CREN/State Certificate Authority, Shared Secret (Username/Password) Over SSL, Student, Parent or Borrower, Personal data + PIN Over SSL, Authentication Gateway (multi-protocol), Single Sign-On, School Network/Portal, Digital Certificate, SAML Assertions, Certificate validation]
Andy Boots, FSA CIO Technology Update, May 8, 2002
Industry content standards
Industry              Standards
Financial Services    IFX (ebXML compliant)
Financial Reporting   XBRL
Student loans         CommonLine XML
Financial aid         Common Record
Human Resources       HR-XML
Academic Records      PESC and California Community Colleges
Library               (In discussion)
Process content standards
Function                 Standard
Security Assertions      SAML
Security Access Control  XACML
Presentation             WSUI
Remote Portlet           WSRP
Work flow                WSFL and WfML
Implementations
Web services in higher education
Digital library search and retrieval (Columbia, Cornell)
Transcripts (California Community Colleges, Florida, Texas, Arizona, Ohio)
Student Aid (NCHELP, U.S. Department of Education)
Security (Internet 2 Shibboleth)
Portals (JA-SIG)
Meteor prototype (January 2001)
[Diagram; labels: Web Services, HTML, Meteor, XML, Student, Access Provider, Data Provider]
Meteor Channel in the uPortal
[Screenshot]
The End
Jim Farmer, instructional media + magic, inc.
Web services acronyms
XML – eXtensible Markup Language
SOAP, XMLP – “Simple Object Access Protocol,” now simply “SOAP”
WSDL – Web Services Description Language
UDDI – Universal Description, Discovery, and Integration
The standards
Data            XML
Validation      Schema
Transport       SOAP (real-time), SMTP (batch)
Security        SAML
Description     WSDL
Directory       UDDI
Transformation  XSLT
Note: Message content is not defined by any of these standards.
XML “family”
XHTML
XLink, XPath, XPointer
XForms
XSL, XSLT
XML Signature, XML Encryption, XML Key Management
XML Query
XML Schema
RDF Metadata
The facets of security
Confidentiality – communicated in secret
Integrity – unaltered, genuine
Anonymity – having a name or identity that is unknown or concealed
Non-repudiation – validity of identification of the parties and the date and time of the message, and integrity of the contents
Convergence: Authentication
[Timeline diagram; date labels: December 2000, March 2001, June 2001]
SFA [NCS Proprietary]
SAML [Oasis]
S2ML [Netegrity]
AuthML [Securant]
XTASS [VeriSign]
Internet 2 [Shibboleth]
SOAP template
…
[SAML Assertions here]
…
[Application XML document here]
…
[Status and Error messages here]
SAML Assertion
[Example XML; the element tags did not survive extraction. Surviving fragments: AE0221, URN:dns-date:, T12:34:00Z, T13:34:00Z, K, College.edu/SIS/]
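The SOAP template and the SAML assertion on the two slides above, together with the login-and-password, TLS and SAML exchange of the authentication and authorization diagram, as an added runnable example; this is not code from the deck, from JA-SIG or from Meteor. It builds the envelope the access provider would send and shows the checks a data provider should make before acting on it: issuer on an allow list, the NotBefore/NotOnOrAfter window, and a named subject. The SOAP 1.1 and SAML 1.0 namespace URIs and the password AuthenticationMethod URI are the real ones; the issuer college.edu, the subject, the trusted-issuer set, the transcript request document and the 2002-07-19 timestamps are constructed, and the function names are mine.

```python
"""Added example, not from the slides or from any JA-SIG/Meteor code: the
slide's SOAP template (SAML assertion in the Header, application document in
the Body, status/error messages coming back as a Fault) with the data
provider checking the assertion before it answers. Namespace and method URIs
are real; issuer, subject, times, request and trusted-issuer set are constructed."""
from datetime import datetime, timedelta, timezone
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion"
ET.register_namespace("soap", SOAP_NS)
ET.register_namespace("saml", SAML_NS)
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"

TRUSTED_ISSUERS = {"college.edu"}   # access providers this data provider accepts (constructed)
LIFETIME = timedelta(hours=1)       # the slide's sample window runs 12:34:00Z to 13:34:00Z


def build_envelope(issuer, subject, issued_at, app_doc):
    """Access-provider side: SAML 1.0 authentication assertion in the SOAP
    Header, the application XML document in the Body. Returns bytes."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    header = ET.SubElement(env, f"{{{SOAP_NS}}}Header")
    assertion = ET.SubElement(header, f"{{{SAML_NS}}}Assertion", {
        "MajorVersion": "1", "MinorVersion": "0",
        "AssertionID": "AE0221",                    # the ID fragment shown on the slide
        "Issuer": issuer,
        "IssueInstant": issued_at.strftime(TIME_FMT),
    })
    ET.SubElement(assertion, f"{{{SAML_NS}}}Conditions", {
        "NotBefore": issued_at.strftime(TIME_FMT),
        "NotOnOrAfter": (issued_at + LIFETIME).strftime(TIME_FMT),
    })
    stmt = ET.SubElement(assertion, f"{{{SAML_NS}}}AuthenticationStatement", {
        "AuthenticationMethod": "urn:oasis:names:tc:SAML:1.0:am:password",
        "AuthenticationInstant": issued_at.strftime(TIME_FMT),
    })
    subj = ET.SubElement(stmt, f"{{{SAML_NS}}}Subject")
    ET.SubElement(subj, f"{{{SAML_NS}}}NameIdentifier").text = subject
    ET.SubElement(env, f"{{{SOAP_NS}}}Body").append(app_doc)
    return ET.tostring(env)


def fault(text):
    """Status and error messages go back as a SOAP 1.1 Fault in the Body."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    flt = ET.SubElement(ET.SubElement(env, f"{{{SOAP_NS}}}Body"), f"{{{SOAP_NS}}}Fault")
    ET.SubElement(flt, "faultcode").text = "soap:Client"
    ET.SubElement(flt, "faultstring").text = text
    return ET.tostring(env)


def check_assertion(envelope, now):
    """Data-provider side. Returns (True, subject) when the Header carries an
    assertion from a trusted issuer whose validity window contains `now`,
    otherwise (False, fault_bytes). No XML Signature is verified here; on the
    slide the issuer is authenticated by TLS on the HTTPS connection."""
    root = ET.fromstring(envelope)
    assertion = root.find(f"{{{SOAP_NS}}}Header/{{{SAML_NS}}}Assertion")
    if assertion is None:
        return False, fault("no SAML assertion in SOAP Header")
    if assertion.get("Issuer") not in TRUSTED_ISSUERS:
        return False, fault("untrusted issuer %r" % assertion.get("Issuer"))
    cond = assertion.find(f"{{{SAML_NS}}}Conditions")
    if cond is None or cond.get("NotBefore") is None or cond.get("NotOnOrAfter") is None:
        return False, fault("assertion carries no validity window")
    not_before = datetime.strptime(cond.get("NotBefore"), TIME_FMT).replace(tzinfo=timezone.utc)
    not_on_or_after = datetime.strptime(cond.get("NotOnOrAfter"), TIME_FMT).replace(tzinfo=timezone.utc)
    if now < not_before:
        return False, fault("assertion not yet valid (NotBefore)")
    if now >= not_on_or_after:                      # NotOnOrAfter is exclusive
        return False, fault("assertion expired (NotOnOrAfter)")
    subject = assertion.findtext(
        f"{{{SAML_NS}}}AuthenticationStatement/{{{SAML_NS}}}Subject/{{{SAML_NS}}}NameIdentifier")
    if not subject:
        return False, fault("assertion names no subject")
    return True, subject


def sample_exchange(minutes_after_issue, issuer="college.edu"):
    """One constructed exchange: assertion issued at the slide's 12:34:00Z and
    checked `minutes_after_issue` minutes later. Returns check_assertion's result."""
    request = ET.Element("TranscriptRequest")          # constructed application document
    ET.SubElement(request, "StudentId").text = "S-1001"
    issued = datetime(2002, 7, 19, 12, 34, 0, tzinfo=timezone.utc)
    envelope = build_envelope(issuer, "student@college.edu", issued, request)
    return check_assertion(envelope, issued + timedelta(minutes=minutes_after_issue))


if __name__ == "__main__":
    for minutes, issuer in ((10, "college.edu"), (120, "college.edu"), (10, "other.example")):
        ok, detail = sample_exchange(minutes, issuer)
        print(minutes, issuer, ok, detail if ok else detail.decode())
```

Running the file shows the valid case, the expired case and the untrusted-issuer case; the two failures come back as SOAP Faults, which is where the slide's status and error messages live. Because the check reads the Issuer attribute without verifying an XML Signature, it is only as strong as the TLS authentication of the access provider on the SOAP-over-HTTPS connection; a data provider that accepts assertions from anything other than a mutually authenticated peer needs XML Signature validation in front of these checks.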
Federal “Level of Assurance”
Level of Assurance   Identification Requirement
Rudimentary          No identification requirement; address sufficient.
Basic                In person proofing or comparison with trusted information in a data base.
Medium               Trusted agent has seen the person. Federally issued picture ID or two non-federal government ID, one shall be a photo ID.
High                 In person appearance. Information checked to ensure legitimacy. Federally issued picture ID or two non-federal government ID, one shall be a photo ID.
Test                 Only used for testing interoperability.
X.509 Certificate Policy for the Federal Bridge Certification Authority (FBCA), Federal Public Key Infrastructure Authority, February 11, 2002
Certificate Validation: XKMS
The X-KISS specification defines a protocol for a Trust service that resolves public key information contained in XML-SIG elements. … The underlying PKI may be based upon … X.509/PKIX, SPKI or PGP.
The X-KRSS specification defines a protocol for a web service that accepts registration of public key information.
Both protocols are defined in terms of XML Schema Language (SOAP) v1.1 Web Services Definition Language v1.0 [WSDL].
XML Key Management Specification (XKMS 2.0), W3C Working Draft, March 18, 2002.
XKMS Key Validation
[Diagram; labels: Tier 2 Protocol, Provides Key Validation Service]
XML Key Management Specification (XKMS 2.0), W3C Working Draft, March 18, 2002