Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by: Sonali Pagade Nibha Dhagat paper1.pdf.

Published byGeorgiana Palmer Modified over 8 years ago

Similar presentations

Presentation on theme: "Presented by: Sonali Pagade Nibha Dhagat paper1.pdf."— Presentation transcript:

1 Presented by: Sonali Pagade Nibha Dhagat http://www.cs.unb.ca/baseweb/baseweb03/papers/abbie-barbir-BaseWeb2003- paper1.pdf

2 Introduction Web Services are emerging as an important technology for various forms of Information Services. A key Enabler is to develop an effective security model for Web Services. No broadly-adopted specifications yet. This paper describes a multi-layered security architecture to be used by Enterprise for securing Web Services.

3 Introduction Some aspects of Web Services are standardized in OASIS. Our goal is to develop Semantic Web Enabled Web Services. The use of semantic web technologies such as ontologies will help in transforming the web into a distributed device that can handle machine processable and machine interpretable content.

4 Introduction This paper talks about an integrated security architecture that can be used at multiple layers in a network to ensure network and web service security.

5

6 Challenges and Requirements Requirements for providing end-to-end WS-security are: Authentication Mechanism Authorization to access resources Data integrity and confidentiality Integrity of transactions and communications Non-repudiation End-to-end integrity and confidentiality of messages Security and Audit trials Distributed security policy enforcement

7

8 Current Mechanisms Some of the important existing security standards are: XKMS SAML XACML XML Signature and XML Encryption WS-Security

9 Integrated Security Architecture

10 Organizations that are considering implementing Web Services need to make security an integral part of their efforts. The Integrated Security Architecture promotes a process, rather than an endpoint. Effective security is not achieved through a one-time initiative.

11 The integrated security architecture is based on the following key elements: Multi-layer security that defines security protection functions at application, network assisted, and network security levels. Variable-depth security across the enterprise and not just at the edge of the Internet. Closed-loop policy management

12 Uniform access management Secure network operations Secure multimedia communications

13 Integrated Security Architecture

14 Basic Security Stages

15 Integrated Security Architecture and Web Services Security Distributed Identities The users of Web Services may belong to various security domains and may need to communicate with each other using different identity verification schemes. Distributed Policies Policy principles behind the Integrated Security Architecture enable organizations to support distributed policies as they relate to Web Services.

16 Secure Discovery The principles in the Integrated Security Architecture enable the development of secure discovery mechanisms, whereby, the policies that specify who can discover a service can be enforced. Message Security Message security can ensure privacy, confidentiality and interaction integrity.

17 Conclusion

18 A key enabler of the development and future deployment of Semantic Web Services is the creation and adoption of an effective security model for the current generation of Web Services.

Download ppt "Presented by: Sonali Pagade Nibha Dhagat paper1.pdf."

Similar presentations

Overview of Web Services

Overview of Web Services
OOI-CI–Ragouzis–2007.10.15 Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop 17-19 October 2007.

OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.
A Public Web Services Security Framework Based on Current and Future Usage Scenarios J.Thelin, Chief Architect PJ.Murray, Product Manager Cape Clear Software.

A Public Web Services Security Framework Based on Current and Future Usage Scenarios J.Thelin, Chief Architect PJ.Murray, Product Manager Cape Clear Software.
0 Web Service Security JongSu Bae. 1  Introduction 2. Web Service Security 3. Web Service Security Mechanism 4. Tool Support 5. Q&A  Contents.

0 Web Service Security JongSu Bae. 1  Introduction 2. Web Service Security 3. Web Service Security Mechanism 4. Tool Support 5. Q&A  Contents.
SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.

SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.

Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.
Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.
MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.

MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.
Securing Web Services Using Semantic Web Technologies Brian Shields PhD Candidate, Department of Information Technology, National University of Ireland,

Securing Web Services Using Semantic Web Technologies Brian Shields PhD Candidate, Department of Information Technology, National University of Ireland,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director

Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
.NET Mobile Application Development Introduction to Mobile and Distributed Applications.

.NET Mobile Application Development Introduction to Mobile and Distributed Applications.
CS 522 WebServices -Sujeeth Narayan -Ankur Patwa.

CS 522 WebServices -Sujeeth Narayan -Ankur Patwa.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Secure Knowledge Management: and.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Secure Knowledge Management: and.
Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.

Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.

Similar presentations

Ads by Google