Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Communications Foundation ("Indigo"): Writing Secure Distributed Applications Martin Gudgin COM312 Program Manager Microsoft Corporation.

Published byAnne Atkinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Windows Communications Foundation ("Indigo"): Writing Secure Distributed Applications Martin Gudgin COM312 Program Manager Microsoft Corporation."— Presentation transcript:

1 Windows Communications Foundation ("Indigo"): Writing Secure Distributed Applications Martin Gudgin COM312 Program Manager Microsoft Corporation

2 Agenda WCF Security Model Credentials Security modes Authorization

3 ConfidentialityIntegrityAuthenticationAuthorization Security Requirements

4 WCF Security Model Based on credentials Satisfies security requirements Secure by default Consistent across bindings

5 Credentials Provide claims Basis of satisfying security requirements

6 Credential Examples Alice MyDomain\Alice Subject: CN=Alice Issuer: SomeCA ValidFrom: 2005-09-13 ValidUntil: 2005-09-16 Username Kerberos Certificate

7 Transport Credentials Security requirements satisfied at transport layer Performance benefits Restricted claim types

8 Transport Credentials

9 Message Credentials Security requirements satisfied at message layer Claims carried in messages More credential types, extensible

10 Message Credentials

11 Mixed Mode Integrity and confidentiality requirements satisfied by transport layer Claims carried at message layer More credential types, extensible

12 Mixed Mode

13 Secure Sessions Setting up a secure session improves performance Transport independent, secure across multiple hops Simple message level claims Associated with claims from bootstrap

14 Secure Session

15 Federated Credentials Issued by third party Based on provided credentials Supports arbitrary credentials

16 Federated Credentials Service Credential Issuer Client I’m Bob (X.509) Here’s a Credential (SAML) I’m Bob (SAML) Trust Relationship

17 Federated Credentials

18 Auditing Various security events are audited Supports auditing of success and failure Configurable

19 Audit Records

20 Authorization Claims used to determine access Integrates with CLR PrincipalPermission Provides new OperationRequirement mechanism Extensible

21 Authorization

22 Where Are We? Communication is secure by default It’s all about claims Many credential types supported Consistent across bindings It’s all extensible – see COM430

23 Community Resources At PDC For more information, go see COM321 - "InfoCard": Developing Federated Identity Applications Using "InfoCard" and the WCF (Thu 11:30am) COM430 - Windows Communications Foundation: A Deep Dive into Extensions for Security and Identity (Fri 8:30am) COM432 - Developing Web Services Using ASP.NET and WSE That Interoperate with the WCF (Fri 8:30am) Ask The Experts table: WCF Security COM Track lounge After PDC MSDN dev center: http://msdn.microsoft.com/webservices/ http://msdn.microsoft.com/webservices/ MSDN Forums Channel 9 tag: http://channel9.msdn.com/tags/Indigo

24 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Download ppt "Windows Communications Foundation ("Indigo"): Writing Secure Distributed Applications Martin Gudgin COM312 Program Manager Microsoft Corporation."

Similar presentations

3/25/2017 8:53 AM Windows Communication Foundation (“Indigo”): A Deep Dive Into Extending The Channel Layer Kenny Wolf, Software Development Engineer.

3/25/2017 8:53 AM Windows Communication Foundation (“Indigo”): A Deep Dive Into Extending The Channel Layer Kenny Wolf, Software Development Engineer.
Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.

Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
 Jan Alexander Program Manager Microsoft Corporation BB43.

 Jan Alexander Program Manager Microsoft Corporation BB43.
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.

Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
The Microsoft Technical Roadshow 2006 Windows Communication Foundation Mike Taulty Developer & Platform Group Microsoft Ltd

The Microsoft Technical Roadshow 2006 Windows Communication Foundation Mike Taulty Developer & Platform Group Microsoft Ltd
Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.

Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.
1 Building Distributed Asynchronous Applications With SQL Service Broker Gerald Hinson, Roger Wolter DAT303 Dev Lead Microsoft Corporation.

1 Building Distributed Asynchronous Applications With SQL Service Broker Gerald Hinson, Roger Wolter DAT303 Dev Lead Microsoft Corporation.
Windows Forms in Visual Studio 2005: An Overview Saurabh Pant Program Manager Microsoft Corporation.

Windows Forms in Visual Studio 2005: An Overview Saurabh Pant Program Manager Microsoft Corporation.
Nikola Dudar Program Manager Microsoft Corporation Session Code: DTL 311.

Nikola Dudar Program Manager Microsoft Corporation Session Code: DTL 311.
Identity and Access Management Business Ready Security Solutions.

Identity and Access Management Business Ready Security Solutions.
Case Study: Revolutionizing Microsoft Axapta Mike Ehrenberg COML01 Architect, Microsoft Business Solutions Microsoft Corporation.

Case Study: Revolutionizing Microsoft Axapta Mike Ehrenberg COML01 Architect, Microsoft Business Solutions Microsoft Corporation.
1 Developing Rules Driven Workflows in Windows Workflow Foundation Jurgen Willis COM318 Program Manager Microsoft Corporation.

1 Developing Rules Driven Workflows in Windows Workflow Foundation Jurgen Willis COM318 Program Manager Microsoft Corporation.
Windows Communications Foundation (Indigo): Web Services Interoperability With Java/J2EE Kirill Gavrylyuk Simon Guest COM423 Microsoft Corporation.

Windows Communications Foundation ("Indigo"): Web Services Interoperability With Java/J2EE Kirill Gavrylyuk Simon Guest COM423 Microsoft Corporation.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Future Directions: Building Customizable Applications using.NET Eric Schnepp TLN205 Lead Program Manager Microsoft Corporation.

Future Directions: Building Customizable Applications using.NET Eric Schnepp TLN205 Lead Program Manager Microsoft Corporation.
1 Windows Communication Foundation: Integrating COM+ and MSMQ Applications Andy Milligan COM305 Program Manager Microsoft Corporation.

1 Windows Communication Foundation: Integrating COM+ and MSMQ Applications Andy Milligan COM305 Program Manager Microsoft Corporation.
 Jamie Cool Program Manager Microsoft Corporation.

 Jamie Cool Program Manager Microsoft Corporation.

Similar presentations

Ads by Google