Security Patterns for Web Services 02/03/05 Nelly A. Delessy.

Pattern Language

XML Firewall
Intent: To filter XML messages to/from enterprise applications, based on business access control policies and the content of the message.
Context: Enterprise applications executing in distributed systems accessed through a local network, from the Internet, or from external networks.
Problem: Some enterprise applications use tunneling into authorized flows (HTTP, SMTP, …) to communicate with the outside. They use higher level protocols such as SOAP and communicate through XML documents or XML-wrapped remote procedure calls. The XML content of these messages can contain harmful data and can be used to perform attacks against applications. Network firewalls provide infrastructure security but become useless when these high level protocols and formats are used.

XML Firewall

Advantages:
- Higher level of security than the Application Firewall for inputs which are XML documents or requests.
Liabilities:
- Bottleneck in the network.
- Intrusive for existing applications that already implement their own access control or their own filtering.
- The application firewall needs to manage the corresponding cryptographic keys necessary to encrypt/decrypt data, or verify digital signatures.
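A sketch of the filtering decision an XML Firewall makes, combining content rules with a business access control policy. This is an added example, not part of the original slides; the roles, operations, limits and the `urn:example:orders` namespace are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"   # SOAP 1.1 envelope
MAX_BYTES, MAX_DEPTH = 64 * 1024, 20                     # assumed content limits
# Hypothetical business policy: role -> operations it may invoke.
POLICY = {"clerk": {"getOrder"}, "manager": {"getOrder", "cancelOrder"}}

def max_depth(root):
    """Iterative depth walk, so deep nesting cannot exhaust the call stack."""
    deepest, stack = 0, [(root, 1)]
    while stack:
        node, d = stack.pop()
        deepest = max(deepest, d)
        stack.extend((child, d + 1) for child in node)
    return deepest

def filter_message(raw: bytes, role: str):
    """Return (allowed, reason) for one inbound message."""
    if len(raw) > MAX_BYTES:
        return False, "message too large"
    # Content rule (constructed): UTF-8 only, no DTD. NUL bytes indicate
    # UTF-16/32; a DTD is where entity declarations would live.
    if b"\x00" in raw or b"<!DOCTYPE" in raw:
        return False, "DTD or unsupported encoding"
    try:
        root = ET.fromstring(raw)
    except (ET.ParseError, ValueError, LookupError):
        return False, "malformed XML"
    if root.tag != f"{{{SOAP_NS}}}Envelope":
        return False, "not a SOAP envelope"
    if max_depth(root) > MAX_DEPTH:
        return False, "nesting too deep"
    body = root.find(f"{{{SOAP_NS}}}Body")
    if body is None or len(body) != 1:
        return False, "expected exactly one operation"
    operation = body[0].tag.rsplit("}", 1)[-1]      # strip the namespace
    # Access-control rule: default deny for unknown roles and operations.
    if operation not in POLICY.get(role, set()):
        return False, f"role {role} may not call {operation}"
    return True, "ok"

def sample(operation: str) -> bytes:
    """Constructed SOAP request used as sample input."""
    return (f'<s:Envelope xmlns:s="{SOAP_NS}"><s:Body>'
            f'<{operation} xmlns="urn:example:orders"><id>42</id></{operation}>'
            f'</s:Body></s:Envelope>').encode()

if __name__ == "__main__":
    for role, op in [("clerk", "getOrder"), ("clerk", "cancelOrder")]:
        print(role, op, filter_message(sample(op), role))
```

The cheap byte-level checks run before the parser sees the message, and the policy lookup runs last, on a message that has already passed the content rules.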

Multiple Agent
Intent: To enforce an organization's security policies for every valuable resource of the computer system (applications, hosts, subnetworks).
Context: Computer systems logically consisting of several applications executing on various hosts and partitioned in subnetworks. The applications are executing in distributed systems and are accessed from the local subnetwork, the Internet, or other subnetworks.
Problem: It is crucial that these security policies are enforced throughout the computer system. A Security Reverse Proxy can enforce access security policies at the boundaries of a subnetwork, typically by filtering requests going through it. But each application and each host may be accessed through internal networks, and a reverse proxy may not be sufficient to block attacks coming from them. Besides, how do we enforce other types of security policies?

Multiple Agent
[Figure: class diagram of the Multiple Agent pattern. Classes: Security Multiple Agents System, Security Agent, Enforcement Agent, Support Agent, Policy Referential, Resource, Client. Associations: enforcesPolicyOn, protects, uses, collaboratesWith, accesses, accessesThrough. Levels: Application Level, Implementation Level.]

Multiple Agent
Advantages:
- The solution is non-intrusive for the computer system.
- The security checks can be applied to a variety of specific technologies by means of specialized agents. The solution is flexible.
- The enforcement system is separated from the referential for the business policies. Thus a change in business policies won't affect the enforcement of these policies.
- The security checks won't create a bottleneck in the network.
- The computer system is more secure, as the application is protected from the calls coming from all internal networks.
Liabilities:
- The number and the variety of agents necessary may make the system expensive to develop, deploy, and administer.
- The system is not scalable, as for each new object to be protected, we need to add a new agent.

Trust Negotiation
Intent: To establish a trust relationship between a consumer and a web service.
Context: Consumers use automatic service discovery to access a web service.
Problem: The service or the consumer could both be malicious. How is it decided whether or not the consumer should access the web service?
Forces:
- The identity of the consumers may not be known in advance by the web service.
- The security policies of the user and the web service could be expressed in different ways.

Trust Negotiation
Consequences:
- Consumers do not need to be identified to access a web service.
- A variety of policies could be processed.
Known uses:
- WSPL
- WS-Policy ??

Federation
Intent: To realize propagation of the trust among separate web services.
Context: A set of web services in different security domains are accessed by a variety of consumers.
Problem: A consumer could be malicious. How can he be authenticated or authorized to access a service when he is not known in the security domain?
Forces:
- The identity of the consumers may not be known in advance by some of the web services.
- A consumer may have used several other web services.

Add OCL constraints… A user must be trusted by at least one web service

Federation
Consequences:
- Consumers do not need to be identified to access a web service.
- A trust relationship must exist between the web services.
Known uses:
- Liberty
- WS-Federation

Confidential Message [1]
Intent:
- Provide a confidential message.
Context:
- Threat: eavesdropping
Solution:
- Make it impossible for attackers to get or read any message content by encrypting it and transmitting an encrypted message instead of the original message.
Implementation Options:
- SSL or XML ENCRYPTION

Message with Integrity [1]
Intent:
- Provide a message with integrity.
Context:
- Threat: falsification
Solution:
- Make it impossible for attackers to get any messages, or make it possible for the receiver to detect any changes to the messages by attaching digital signatures to a message.
Implementation Options:
- SSL, DSIG or MAC

Authenticated Message Source [1]
Intent:
- Authenticate the message source.
Context:
- Threat: masquerade
Solution:
- Perform authentication and make it impossible for attackers to get or reuse any authentication information.
Implementation Options:
- PASS + SSL, PASS + NONCE + ENC, DSIG + NONCE, MAC + NONCE, DSIG + SSL or MAC + SSL
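The MAC option of Message with Integrity and the MAC + NONCE option of Authenticated Message Source, worked through with both sender and receiver. This is an added example, not part of the original slides; it assumes a pre-shared key, HMAC-SHA256 as the MAC, and a dictionary as the message container.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # fixed length keeps nonce || body unambiguous

def mac(key: bytes, nonce: bytes, body: bytes) -> bytes:
    return hmac.new(key, nonce + body, hashlib.sha256).digest()

def protect(key: bytes, body: bytes) -> dict:
    """Sender side: attach a fresh random nonce and a MAC over nonce || body."""
    nonce = secrets.token_bytes(NONCE_LEN)
    return {"nonce": nonce, "body": body, "mac": mac(key, nonce, body)}

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = set()   # unbounded here; a deployment would expire entries

    def accept(self, msg: dict) -> str:
        if len(msg["nonce"]) != NONCE_LEN:
            return "rejected: bad nonce"
        expected = mac(self.key, msg["nonce"], msg["body"])
        # Constant-time comparison; verify the MAC before touching the nonce
        # cache so unauthenticated messages cannot fill it.
        if not hmac.compare_digest(expected, msg["mac"]):
            return "rejected: bad MAC"
        if msg["nonce"] in self.seen:
            return "rejected: replayed nonce"
        self.seen.add(msg["nonce"])
        return "accepted"

if __name__ == "__main__":
    key = secrets.token_bytes(32)             # constructed shared key
    receiver = Receiver(key)
    msg = protect(key, b"<order id='42'/>")   # constructed message body
    print(receiver.accept(msg))
    print(receiver.accept(msg))
    print(receiver.accept(dict(msg, body=b"<order id='43'/>")))
```

The MAC alone detects falsification; the nonce is what stops a captured, still-valid message from being accepted a second time.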

Non-Repudiated Message [1]
Intent:
- Provide a message that cannot be repudiated.
Context:
- Threat: repudiation
Solution:
- Add versions for every message to be sent and attach digital signatures to messages using a private key.
Implementation Options:
- DSIG + NONCE or DSIG + SSL

References
[1] M. Tatsubori, T. Imamura, Y. Nakamura, "Best-Practice Patterns and Tool Support for Configuring Secure Web Services Messaging," Proceedings of the IEEE International Conference on Web Services (ICWS'04)
[2] "Security in a Web Services World: A Proposed Architecture and Roadmap," Apr 7,
[3] H. Skogsrud, B. Benatallah, F. Casati, "TrustServ: Model-Driven Lifecycle Management of Trust Negotiation Policies for Web Services":