Presentation is loading. Please wait.

Presentation is loading. Please wait.

InfiNET Solutions 5/21/2019 www.infinet-inc.com www.infiNET-inc.com.

Similar presentations


Presentation on theme: "InfiNET Solutions 5/21/2019 www.infinet-inc.com www.infiNET-inc.com."— Presentation transcript:

1 infiNET Solutions 5/21/2019

2 Agenda Emerging Internet Landscape Web Services SAML

3 Emerging Internet Landscape
Growth of partnerships into e-business networks Emergence of Web Services Key challenges Single sign-on and interoperability among partnering Web sites Access control Support for heterogeneous environments (browser based, wireless..)

4 Web Services – What are they?
infiNET Solutions 5/21/2019 Modular software components wrapped inside a specific set of Internet communication protocols The Web Service Promise Anyone, anywhere, any time, using any computer system can use them. Web services have become the most talked and hyped internet phenomenon in years. Everyone talks about them, but not many people understand them. When you remove the hype, web services are…

5 Web Services – Key Benefits
infiNET Solutions 5/21/2019 Integration Break down data silos Access Can be accessed through client application, browsers, wireless devices, and so on. Flexibility “Machine-to-Machine” communications Integration – Solves today’s big challenge of application integration Access – device independent and new devices can be easily added. Flexibility – one web service can call another and so on.

6 Web Services – What can they do?
infiNET Solutions 5/21/2019 Automate business processes Integrate disparate components of the enterprise Integrate with any vendor or partner Bottom Line They enable universal interoperability Higher Ed: Allow access to post & retrieve information to/from SIS

7 Web Services – Protocols
infiNET Solutions 5/21/2019 XML Structured information WSDL (Web Services Description Language) Describes the Web Service UDDI (Universal Description, Discovery and Integration) Searchable directory of Web Services SOAP (Simple Object Access Protocol) Underlying protocol Though this appears to be alphabet soup, this enables Web Services to be self describing to the outside world. Web Services do a great job of communicating with devices, people, and most importantly each other.

8 Web Services – How they Work
A service provider creates a Web service. The service provider uses WSDL to describe the service (to a UDDI registry). The service provider registers the service (in a UDDI registry). Another service or user locates and requests the registered service by querying UDDI registry(ies). The requesting service or user writes an application to bind the registered service using SOAP. Data and messages are exchanged as XML over HTTP.

9 Web Services – How they Work
infiNET Solutions Payment Web Service (Provider) HTTP Server 1. Register/Publish Service SOAP Server Web Service Provider Web Service Processing Node UDDI Registry 3. SOAP Request/Response University Payment Web Service Requester Web Service Requester 2. Service Discovery

10 Web Services – Higher Ed Examples
infiNET Solutions 5/21/2019 LMS systems Credit Card and eCheck payments Tuition & Fees Bookstore Alumni Donations Student Loans LMS – can share class enrollment information and grades within the network Payments – can be processed via a single point of authorization Student Loans – Guarantee agencies can be brought into the communication loop to provide service to a variety of information systems

11 Web Services – Security Issues
infiNET Solutions 5/21/2019 Exposure of corporate information and systems Exposure of consumer information Spoofed transactions Uh Oh! How do we fix this? Web services can leave holes open that expose hackers to corporate information As consumers use Web services, there is a risk of exposure to their information. Hackers create phony web-service based request to commit cyber theft.

12 SAML – The Security Solution
Security Assertion Markup Language An XML based standard for authentication and authorization SAML is being driven by OASIS (Organization for the Advancement of Structured Information Standards)

13 SAML – Value Proposition
Describes existing security models using XML Enables universal sharing of Authentication and Authorization information Platform neutral solution Security framework independent of Vendor implementation and architecture

14 SAML – Security Standards Family
XML Encryption Represents the encrypted content of XML data and allows recipient to decrypt XML Signature Integrity, signature assurance, and non-repudiation for Web data XACML Policies to access XML documents

15 SAML – Architecture PROTOCOL
Request / Response pair for processing assertions ASSERTIONS Authentication & Authorization information BINDINGS How Assertions are communicated over industry-standard transport and messaging frameworks

16 SAML – Assertions Authentication Assertion Authorization Assertion
Defines the issuer, authenticated subject, time of issuance, validity interval, and others Authorization Assertion Defines what can be accessed

17 SAML – Common Assertion Information
Issuer and issuance timestamp Assertion ID Subject Name plus security domain Conditions under which an assertion is valid

18 SAML – How it Works A person wanting to use a Web Service protected by SAML logs into an authentication authority. Only if the proper credentials are presented is the person accepted. The authentication authority checks the credentials. If the credentials are correct, it creates an authentication assertion that verifies the person is who they say the are. A SAML token is created that describes what information and resources the that the person is allowed to access.

19 SAML – How it Works When a user tries to access the Web Service, a SAML token is presented. Before the person can access the Web Service, a Policy Enforcement Point intercepts the request and sends a token to an attribute authority. The attribute authority examines the token and determines whether the user should be allowed to access the Web Service.

20 SAML – How it Works 3 Protected Web Service 1 2 SAML Token User Login
Authentication Authority Authentication Assertion Policy Enforcement Point 4 Attribute Assertion Attribute Authority 5

21 Making it all work infiNET Solutions has partnered with JA-SIG to pilot Web Services and SAML on the Boston College campus These technologies are powerful, however they require the appropriate planning and architecting

22 Summary Web Services are becoming a reality
SAML will be the standard for Securing Web Services Single sign-on

23 Chief Technology Officer
Q&A Thanks for your time! David R. King Chief Technology Officer infiNET Solutions


Download ppt "InfiNET Solutions 5/21/2019 www.infinet-inc.com www.infiNET-inc.com."

Similar presentations


Ads by Google