Top Banner

of 32

Oneill SOA

Apr 05, 2018



  • 8/2/2019 Oneill SOA


    Mapping Security to a Services Oriented Architecture

    Mark ONeill CTO, Vordel

    Open Group, April 2005

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 2

    About the speaker

    CTO of Vordel vendor of XMLsecurity products since 1999.

    Author of Web Service Security,

    published by Osborne/ McGraw-Hill .Contributors include Phillip Hallam-Baker (Chief Scientist at VeriSign)and Ed Simon (XMLSec In c, authorof XML Signatu re specification)

    Contributing author of HardeningNetwork Security, published byOsborne/McGraw-Hil l, 2005

    Published in XML Journal, WebServices Journal,PriceWaterhouseCoopersCryptographic Journal of Excellence

    Background in EDI and in academiccryptography

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 3

    About Vordel

    A vendor of XML securit y products since 1999.

    Based in Dublin, London, and Boston

    Customers include the European Union, theSpanish Government , Telefonica, Fortis,Experian, Ericsson, Bell Canada

    Standards-based integration with identi ty-management tools

    Vordel supports a wide range of open standards andspecifications and interoperates with many popularWeb Services platforms, making it a likely choice formany enterprises looking to protect their WebServices from unauthorized or malicious traffic. Jason Bloomberg - ZapThink

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 4

    Vordels User Conference

    Speakers from Entrust , RSA Security, Softw are AG, QA Consultin g

    Enterprise architects from Vordels customer base describe how theyhave integrated security into their Services Oriented Architectures

    Tutorial on W eb Services Security included in confer ence fee

    June 8-10 in Westbury Hotel, Dublin

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 5

    What I ll be speaking about

    What is a Services Oriented Archit ecture?

    A Whiteboard diagram How important are XML and SOAP to a SOA?

    How does security map to a Services Oriented Architecture?

    Transactional: Embedding security tokens in XML messages Architectural: Deploying security services XML-level: New XML-based threats

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 6

    First what is a Services Oriented Architecture ?

    An SOA uses a Services Layer to hide underlying complexity

    Businesses can save money and time b y developing agai nst thi s ServicesLayer, rather than developi ng directly against an ERP/legacy layer

    Also known as a Business Interf ace Layer, or a Business Services Layer

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 7

    How do you go about creating a Services Oriented Architecture?

    Gartner defi ne SODA as Services Oriented Development ofApplications

    SODA has seven aspects:

    1 . D es ig n . Focus on process-oriented design rather than component-based design. Processand workflow should be built into the design, not added later.

    2 . Model l ing. Using UML or similar. Includes modelling the structure and flow of bus inessprocesses, as well as application modelling and technical modelling.

    3 . Fabr i ca t ion . The actual creation of service components. Includes not only XML, but alsoadapters and integration technology

    4 . Assembly. Connecting service components together. May be achieved using a visual tool.5 . Orches t ra t ion . After assembly, workflow defines how information and logic will flow

    through the process. Introduces state and flow control.6 . A ut o m at i o n. Code generation to map from the model to the implementation. E.g. from

    scripts, or UML, or XML to EJB or .NET components.7. Variability and rapid application maintenance. Ensures that changes to composite

    systems does not break the rest of the system. Services must be able to adapt to multiplepurposes or versions.

    Gartner predict t hat applicat ion development tools wil l evolve toinclude t hese seven SODA aspects.

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 8

    Just how important are XML and SOAP for a Services Oriented Architecture ?

    XML and SOAP are certainl y a good excuse to implement a ServicesOriented Architecture now, rather t han doing i t 5 years ago.

    However, the concepts of a Services Oriented Architecture go beyond the

    implementation technologies used Services should be understandable by non-technical business people

    Implementation technologies can be changed, without breaking the interface

    Asynchronous messaging is preferable to tightly-coupled RPC styles of integration

    The most important feature of XML and SOAP is that fact that they arevendor-neutral and have no competi t ion

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 9

    The security risks for an SOA

    1 . Compl ex i t y ! Web Services are designed to reduce complexity, but if youre not careful, they can

    become complex too. Unmanaged complexity breeds insecurity

    2. Unauthorized access Most cross-firewall Web Services are for closed-user-groups of partners. Therefore,

    access control is very important.

    3. XML-level threats XML introduces new threats such as XML Denial of Service

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 10

    Transactional Security The architectural challenge for SOA security

    Who is accessing this system? Can I m ap their id entit y to a local store?

    How did t hey authenticate? When did they authenticate?

    What are their enti t lements?


  • 8/2/2019 Oneill SOA


    Open Group, April 2005 11

    Thinking in terms of t he transaction

    An SOA means that users access business systems through mu ltipl e layers.

    This is why it s necessary to bind the security context to XML messages .

    WS-Security and SAML are important technologies for achieving this.

    Then, at each layer, we have control

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 12

    Security tokens inside an XML message

    In t his message,security tokens arehighlighted inyellow.

    We see a SAMLAuthenticat ion assert ion,digital ly signed along withthe SOAP body.

    [ screenshot f romVordel SOAPboxapplicat ion free

    download fromwww.vordel .com ]

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 13

    The risk of complexity

    Managing transactional security can become very complex very fast

    How I do control which application can access which Web Service?

    You could code/configure security policies in each Web Services platform and try to syncthem up together

    Do you really want to do this?

    Security policies are required here , here , here , here , and here .

    ( So is auditing, SLA management, reporting, etc)

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 14

    Security Services

    So, rather than coding the same security functionality in each platform, whynot m ake use of Web Services?Authenticat ion

    Username/Password AuthN (HTTP-Auth, WS-Security) Certificate Validation Token issuance (SAML)

    Authorization Integration with Web Access Control SAML AuthorizationDecisionQuery

    Audit Logging services

    Confidentiality and Privacy Encryption Digital Rights Management

    Content validation Threat scanning of XML

    I n t e g r i t y OASIS Digital Signature Services (DSS), Time-stamping

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 15

    So how is this im plemented?

    At each point w here you must consume or send XML, also apply security


    At the perimeter (XML Gateway)At the Web Service endpoint (application server)

    Security Services simply means deploying security functionality as WebServices that ar e on t ap as part of an SOA.

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 16

    The Security Bus

    When a security context flows with XML messages through an SOA, throughthe use of security services, it can be thought of as a Security Bus

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 17

    What is the alternative to deploying reusable Security Services?

    The alternat ives to deploying reu sable securit y services are:

    Code and configure security rules in your Web Services platforms(.NET,J2EE, etc) and try to get them all to talk to each other

    Use multiple implementations of WS-Security, SAML, etc.

    Keep revisiting decisions on how to implement Web Services Security.Firstly at the XML Gateway, then at the application server, etc.

    With r eusable Securit y Services, you get all of t he advantages of WebServices, for security functionality.

    These Security Services can be used by an XML Gateway, and b y code atthe application server

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 18

    Defensive security: Blocking new XML-level thr eats

    Weve looked at transactional security and at security services

    Now lets look at another side of securi ty blocking content-based threats

  • 8/2/2019 Oneill SOA


    Open Group, April 2005 19

    STRIDE Threat model - thinking about security in terms of threats

    Developed by Michael Howard and David LeBlanc in Microsoft

    Documented in Writin g Secure Code [ Microsoft Press]

    The first step is to draw the data flow for a system and then identify which threat s apply at

    each system entity, and at each link bet

Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.