Computer Science and Engineering 1
Service-Oriented Architecture Security 2

Reading
1. New: Security Fundamentals for Web Services, Microsoft patterns and practices, http://msdn.microsoft.com/en-us/library/ff648318.aspx

SOA Security Components
1. Software-level (single service) security
2. Business-level (service composition) security
3. Network-level security

Network-Level Security
• Authentication and identification
• Access Control
• Messaging middleware
  – Communication security
  – End point security
• Protocol assurance
• Security Patterns

Service-level Patterns
• Exception Shielding
• Message Validation
• Trusted Subsystem
• Service Perimeter Guard

Exception Shielding

Message Validator

Trusted Subsystem
• Goal: prevent customers from circumventing a service and directly accessing the resources of the service
• Problem:
  – Customer may perform incorrect modifications
  – May lead to undesirable forms of implementation coupling
• Solution: service is designed to use own credentials for authentication with backend resources
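
The Trusted Subsystem pattern above as an added example (not part of the original slides): the backend accepts only the service's own credential, so a customer can change data only through the service's checks. `BackendStore`, `OrderService`, the order data and the passwords are hypothetical names and constructed values.

```python
import hmac

class BackendStore:
    """Backend resource whose only accepted principal is the service account."""
    def __init__(self, service_secret):
        self._service_secret = service_secret
        self._rows = {"order-1": {"owner": "alice", "qty": 2}}  # constructed data

    def _check(self, credential):
        if not hmac.compare_digest(credential, self._service_secret):
            raise PermissionError("backend accepts only the service credential")

    def read(self, credential, key):
        self._check(credential)
        return dict(self._rows[key])

    def write(self, credential, key, row):
        self._check(credential)
        self._rows[key] = dict(row)

class OrderService:
    """Authenticates and authorizes the customer, then acts with its own credential."""
    def __init__(self, backend, service_secret, customer_passwords):
        self._backend = backend
        self._secret = service_secret
        # Constructed: a real service would verify a token or a password hash.
        self._customers = customer_passwords

    def update_quantity(self, user, password, key, qty):
        expected = self._customers.get(user)
        if expected is None or not hmac.compare_digest(password, expected):
            raise PermissionError("authentication failed")
        row = self._backend.read(self._secret, key)
        if row["owner"] != user:
            raise PermissionError("customer does not own this order")
        if type(qty) is not int or not 1 <= qty <= 100:
            raise ValueError("quantity violates the service's business rule")
        row["qty"] = qty
        self._backend.write(self._secret, key, row)
        return row

def build_demo():
    """Wire up the constructed example: one backend, one service, two customers."""
    secret = b"constructed-service-secret"
    backend = BackendStore(secret)
    service = OrderService(backend, secret, {"alice": b"pw-a", "bob": b"pw-b"})
    return backend, service
```
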

Perimeter Guard
• Goal: protect internal resources from users that remotely access internal computers
• Problem:
  – External attacker may gain access to services running within a private network, and thus to the resources within the private network
• Solution: establish an intermediate service at the perimeter of the private network as a secure contact point

Service Perimeter Guard

Service Interaction Patterns
• Data Confidentiality
• Data Origin Authentication
• Direct Authentication
• Brokered Authentication

Data Confidentiality
[Figure panels: Symmetric key; Public key]

Data Origin Authentication
[Figure panels: Symmetric key; Public key]

Direct Authentication

Single Sign-On
• Authentication of a user within multiple systems: use Digital Certificates and private keys
• Reduces security administration
• Services can pass requester’s identity to other services

Brokered Authentication

Brokered Alternatives
[Figure panels: Security Token Service; X.509 Digital Certificate]

Service-Composition Security
• Ongoing activities:
  – Business process execution across heterogeneous domains
  – Identity management
  – Trust management
• Upcoming research areas:
  – Web Services Composition
  – Web Service Transactions
  – Service-Level Dependencies

Web Services Composition
• Create complex applications on the fly from individual services
• BPEL4WS, WSBPEL
• How to express security and reliability needs?
• How to verify that these needs are satisfied?
• How to resolve conflict between business needs and security requirements?

Web Services Transactions
• Traditional database transaction management vs. SOA application needs
• How can we evaluate correct execution? ACID properties? Serializability?
• WS transaction framework:
  – Atomic (short-term) transactions
  – Business activity (long-term) transactions
• What are the security implications of WS transactions?

Service-Level Dependencies
• Old threats reappearing in new context: deadlocks, denial-of-service, network flooding, etc.
• How to detect and prevent the occurrence of these threats?
• In composition, independently developed services are dependent on each other
• No information about internal processing of the workflow components

MLS SOA
• MLS: control information flow
  – Permitted flow: from low level to high level
• Revisit read/write operations
  – Subject reads object: info flow from object to subject
  – Subject writes object: info flow from subject to object
• WS communication: message transfer (write operation)

MLS Messages
• Metadata: represent proper classification
• Communication from High to Low services: message must be de-classified
• How can we achieve it?
  – Manual classification
  – Automated classification – TRUST?

MLS Service Interactions
• Over multiple domains
• Input/output messages
• Service broker:
  – Discover services
  – Enforces flow control: up-classify/down-classify data

Metadata management
• Data classification
  – Confidentiality
  – Integrity
  – Data access policy {s, f, d, c}
    • s service
    • f in/out
    • d data classification level
    • c conditions
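
The MLS slides above (message classification metadata, a broker that enforces flow control, and the data access policy {s, f, d, c}) combined in one added example, not part of the original slides. It assumes three totally ordered levels and reads `d` as the highest level a service may handle on flow `f`; the service names, the `redact` downgrader and the sample policies are constructed.

```python
from dataclasses import dataclass, replace
from typing import Callable

LEVEL = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}  # assumed totally ordered levels

@dataclass(frozen=True)
class Message:
    body: str
    level: str         # classification metadata carried with the message
    purpose: str = ""  # extra metadata that a condition can test

@dataclass(frozen=True)
class Policy:          # the slide's {s, f, d, c}
    s: str             # service
    f: str             # flow direction: "in" or "out"
    d: str             # highest level allowed on that flow (assumed meaning)
    c: Callable[[Message], bool]  # condition evaluated on the message

class Broker:
    def __init__(self, policies, declassify):
        self.policies = policies
        self.declassify = declassify  # trusted downgrader: (msg, level) -> Message | None
    def _ceiling(self, service, flow, msg):
        # Highest level the service may handle on this flow, or None if no policy applies.
        allowed = [p.d for p in self.policies
                   if p.s == service and p.f == flow and p.c(msg)]
        return max(allowed, key=LEVEL.get, default=None)
    def deliver(self, src, dst, msg):
        out_max = self._ceiling(src, "out", msg)
        if out_max is None or LEVEL[msg.level] > LEVEL[out_max]:
            raise PermissionError(f"{src} may not send {msg.level} data")
        in_max = self._ceiling(dst, "in", msg)
        if in_max is None:
            raise PermissionError(f"no policy lets {dst} receive this message")
        if LEVEL[msg.level] > LEVEL[in_max]:  # high-to-low: declassify first
            msg = self.declassify(msg, in_max)
            if msg is None or LEVEL[msg.level] > LEVEL[in_max]:
                raise PermissionError(f"not declassified for {dst}")
        return msg  # low-to-high and same-level flows keep their label

def redact(msg, level):  # constructed downgrader: keep text before ';', relabel
    return replace(msg, body=msg.body.split(";")[0].strip(), level=level)

POLICIES = [  # constructed sample policy set
    Policy("planning", "out", "HIGH", lambda m: True),
    Policy("planning", "in", "HIGH", lambda m: True),
    Policy("logistics", "out", "LOW", lambda m: True),
    Policy("logistics", "in", "LOW", lambda m: m.purpose == "status-report"),
]
```
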

New Approaches to Improve Security and Reliability
• Develop criteria to evaluate correctness of composite application execution
  – E.g., WS transactions: compensation-based transactions
• Increase reliability using redundant services
• Offer security as service
• Develop defense models using distributed and collaborative components
  – E.g., detect malicious behavior based on collaborative nodes, verify execution correctness by comparing outcome of different services, deploy intelligent software decoy, etc.

Conclusion and Future Work
• All aspects of SOA security must be addressed
• Standards are not enough to provide security!
• New security concepts applicable to SOA environment must be developed
• Security must be incorporated during the system development process
• Requires collaboration among SOA developers, business experts, and security professionals