Security for Web Services and Service Oriented Architectures

1
Security for Web Services and Service Oriented
Architectures
Bhavani Thuraisingham The University of Texas at
Dallas Lecture 13 February 18 and 20, 2008
2
Acknowledgement

• Professors Elisa Bertino and Lorenzo Martino
  Purdue University for much of the information and
  charts on web services security standards and
  digital identity management
• bertino_at_cs.purdue.edu
• lmartino_at_purdue.edu
• Others
• Dr. Frederica Pacci University of Milan for
  ideas obtianed when serving on her thesis
  committee on reserach in web services security
• Prof. I-Ling Yen and Wei-She University of Texas
  at Dallas for collaboration on web services
  security and the delegation model
• Book by Thomas Erl on Service Oriented
  Architectures, Prentice Hall, 2005

3
Objective and Scope

• The objective of this course is to provide an
  overview of the significant developments in SOA
  and Web Services Security Standards as well as
  directions for future developments
• Current work on SOA security is focusing mainly
  on access control as well as confidentiality and
  integrity.
• Solutions proposed for systems to address
  intrusion detection, denial of service and
  infrastructure attacks, insider threat analysis
  including data mining techniques for security
  applications are beyond the scope of this course.
  

4
Outline

• SOA and Web services Overview
• SOA and Web services security Overview
• WS-Security and WS- Security

5
Service Oriented Architecture (SOA)
http//en.wikipedia.org/wiki/Service-oriented_arc
hitecture

• Service Oriented Architecture (SOA) is an
  architectural style that guides all aspects of
  creating and using business processes, packaged
  as services, throughout their lifecycle, as well
  as defining and provisioning the IT
  infrastructure that allows different applications
  to exchange data and participate in business
  processes loosely coupled from the operating
  systems and programming languages underlying
  those applications
• SOA represents a model in which functionality is
  decomposed into distinct units (services), which
  can be distributed over a network and can be
  combined together and reused to create business
  applications
• These services communicate with each other by
  passing data from one service to another, or by
  coordinating an activity between two or more
  services.
• SOA concepts makes software development flexible
  and extensible
• Service oriented analysis is becoming key to
  modeling and analyzing software
• The concepts of Service Oriented Architecture are
  often seen as built upon, and the evolution of,
  the older concepts of distributed computing and
  modular programming
• While object-orientation views the world as a
  collection of objects, service orientation views
  the world as a collection of services
• SOA is technology independent however it is
  commonly realized using web services

6
Web service definition

• A Web Service is a software system designed to
  support interoperable machine-to-machine
  interaction over a network. It has an interface
  described in a machine-processable format
  (specifically WSDL). Other systems interact with
  the Web service in a manner prescribed by its
  description using SOAP messages, typically
  conveyed using HTTP with an XML serialization in
  conjunction with other Web-related standards.
• Source http//www.w3.org/TR/ws-arch/

7
SOA
8
Web Services (WS) Framework

• An abstract (vendor neutral) existence defined by
  standards organizations and implemented by
  (proprietary) technology platforms
• Core building blocks that include web sercices,
  service descriptions and messages
• A communication agreement centered around service
  descriptions and WSDL
• A messaging framework comprised of SOAP
  technology concepts
• A service description registration and discovery
  architecture sometimes realized through UDDI
• A well defined architecture that supports
  messaging patterns and compositions
• A second generation of web services extensions
  (also known as WS- specifications) continually
  broadening its underlying feature-set
• Concepts in WS- include Message Exchange
  Patterns (MEP), Service Activity, Coordination,
  Atomic Transaction, Business Activities,
  Orchestration (WS-BPEL), Choreography (WS-CDL)
• Reference Service Oriented Architecture, Thomas
  Erl, Prentice Hall, 2005

9
Web services E-business

• ? Web services are a key component for agile
  e-business

? Web services security is a fundamental
issue
10
Standardization bodies related to Web Services
11
SOA Security

• Our approach is to implement SOA through web
  services therefore SOA security essentially is
  about web services security
• Three core specifications
• WS-Security, XML-Signature, XML-Encryption
• WS-Security is the second generation of
  technologies for SOA security
• Single sign-on (SSO) is a form of centralized
  security mechanism that complements the
  WS-Security extensions
• Related specifications for SOA security
• WS-Security, WS-SecurityPolicy, WS-Trust,
  
  WS-SecureConversation, WS-Federation, XACML,
  Extensibe Rights Markup Language, XML Key
  Management, XML, Signature, SAML, .NET Passport,
  Secure Socket Layer, WS-I Basic Security Profile

12
Basic Components of SOA Security

• Identification
• For service requestor to acces a secure service
  provider it must first provide information that
  expresses its origin or owner. This is referred
  to as making a claim
• Authentiaction
• A message being delivered to a receipient must
  prove that the message is in fact from the sender
  that it claims
• Authorization
• Once authenticated, the receipient of a message
  may need to determine what the requestor is
  alowed to do
• Singe sign on
• It is supported by SAML, .NET Passport and XACML
• Confidentiality and Integrity
• Confidentiality is concerned with protecting the
  privacy of the message content, Integrity ensures
  that the message has not been altered
• Transport level and Message level security
• Transport level securiy is provided by SSL
  (securing HTTP), message level confidentiality
  and integrity are provied by XML-Encryption and
  XML-Signature.

13
Web Services Security Requirements and Standards

• Securing Web services mainly requires to
• provide facilities for securing the integrity and
  confidentiality of the messages and
• ensure that the service acts only on requests in
  messages that express the claims required by
  policies
• Role of Standards
• Providing a Web Services Security Framework that
  is an integral part of the Web Services
  Architecture
• The framework is a layered and composable set of
  standard specifications

14
WS- security Standards framework
15
WS- security standards implementations

• Microsoft .NET Framework 2.0 / WSE3.0
• WS-Security (OASIS 2004 standard), WS-Policy,
  WS-SecurityPolicy, WS-Trust, WS-SecureConversation
  and WS-Addressing
• SUN Web Services Interoperability Technology
  (WSIT)
• IBM WebSphere
• Open Software The Apache Software Foundation Web
  Services Project (http//ws.apache.org/)

16
Securing the network traffic SSL/TLS and IPsec

• Secure Socket Layer SSL and Transport Layer
  Security are used to provide transport level
  security for web services applications.
• Security features
• authentication
• data integrity
• data confidentiality
• SSL/TLS enables point-to-point secure sessions.
• IP security (IPsec) security features
• secure sessions with host authentication
• data integrity
• data confidentiality

17
IPSec security services

• IPsec provides the following security services
• Encrypting traffic (so that it can not be read in
  its transmission)
• Integrity validation (ensuring that traffic has
  not been modified along its path)
• Authenticating the Peers (both ends are sure they
  are communicating with the trusted entity the
  traffic is intended for)
• Anti-Replay (Protect against session replay)
• Network level security policies
• Firewall filtering rules
• IPsec Security policy
• The manager defines policies describing the
  security services that must be enforced on a
  given traffic
• Each policy describes the action(s) and the mode,
  algorithms and protocols to apply when an IPsec
  processing is required

18
XML Encryption

• XML Encryption Syntax and Processing
• 10 December 2002
• Status W3C Recommendation
• Core standard
• Goals
• provide confidentiality for applications that
  exchange structured data by
• Representing in a standard way digitally
  encrypted resources
• separating encryption information from encrypted
  data, and supporting reference mechanisms for
  addressing encryption information from encrypted
  data sections and vice-versa
• providing a mechanism for conveying encryption
  key information to a recipient
• providing for the encryption of a part or
  totality of an XML document

19
XML Signature

• XML-Signature Syntax and Processing
• 12 February 2002
• Status W3C Recommendation
• Core standard XML Signature is a building block
  for many web services security standards (e.g.
  XKMS and WS-Security)
• Goals
• represent a digital signature as an XML element
• Processing rules for creating this XML element
• The signed data items can be of different types
  and granularity (XML documents, XML Elements,
  files containing any type of digital data)

20
Securing SOAP messagesWeb Services Security
SOAP Message Security 1.1
(WS-Security 2004)Status Approved OASIS
Standard Specification 1 February 2006

• Goals
• Provide single SOAP message integrity and
  confidentiality
• Using existing digital signature, encryption, and
  security token mechanisms
• Provide mechanisms for associating security
  tokens with message content (header and body
  blocks)
• Extensibility (i.e. support multiple security
  token format)

the recipient can trust the content of the
message and its sender
Security Token - a representation of
security-related information (e.g. X.509
certificate, Kerberos tickets and authenticators,
mobile device security tokens from SIM cards,
username, etc.). Signed Security Token - a
security token that contains a set of related
claims (assertions) cryptographically endorsed by
an issuer. Examples X.509 certificates and
Kerberos tickets.
21
What is WS-Security?

• WS-Security enhances SOAP messaging to provide
  quality of protection through
• message integrity,
• message confidentiality, and
• single message authentication.
• These mechanisms can be used to accommodate a
  wide variety of security models and encryption
  technologies.
• WS-Security also provides a general-purpose,
  extensible mechanism for associating security
  tokens with messages
• No specific type of security token is required
• support for multiple security token formats
• WS-Security describes how to encode binary
  security tokens( X.509 certificates and Kerberos
  tickets)

22
WS-Security mechanisms and considerations

• Mechanism(s)
• Mechanisms for message integrity digital
  signatures and certificates
• Mechanism for confidentiality encryption (XML
  Encryption)
• Digital signatures alone do not provide message
  authentication. To prevent replay attack (one can
  record a signed message and resend it), digital
  signatures must be combined with timestamps or
  sequence numbers to ensure the uniqueness of the
  message.
• When digital signatures are used for verifying
  the identity of the sending party, the sender
  must prove the possession of the private key. One
  way to achieve this is to use a
  challenge-response type of protocol.
• The combination of signing and encryption over a
  common data item may introduce some cryptographic
  vulnerability
• For example, encrypting digitally signed data,
  while leaving the digital signature in the clear,
  may allow plain text guessing attacks

23
WS-Security request example
1 2 3
4 id"X509token" ValueType"X.509" 5
sdfOIDFKLSoidefsdflk 6 ken 7 8 9
10 11
akjsdflaksfe 12 13 enReference URI"X509token"/ 14
15 16
17 18
19 20
21
24
WS-SecureConversation

• Conversations focus on the public processes in
  which the participants of a Web service engage
  WSCL is Web Services Conversation Language.
• Web Services Secure Conversation Language
  (WS-SecureConversation) February 2005
• Status revised public draft release provided for
  review and evaluation only
• Main goal provide secure communication across
  one or more messages.
• Extends WS-Security mechanisms
• Allows to authenticate a series of SOAP messages
  (conversation)
• by establishing and sharing between two endpoints
  a security context for a message conversation
  using a series of derived keys to increase
  security.
• The security context is defined as a new token
  type that is obtained using a binding of WS-Trust
• This allows for exchange in a potentially more
  efficient way keys or new key material
• Security Context
• A security context is an abstract concept that
  refers to an established authentication state and
  negotiated key(s) that may have additional
  security-related properties.
• A security context token (SCT) is a
  representation of that security context abstract
  concept, which allows a context to be named by a
  URI and used with WS-Security.

25
Security policies for Web Services

• The concept of Policy Guiding principles and
  procedures
• Security policy might mean different things to
  different people
• Firewall filtering rules
• Access control policy
• Privacy policy
• Standards for Web Services Policies
• WS-Policy
• XACML
• XACML profile for Web Services
• Approaches specialized models languages vs.
  one-size-fits-all framework

26
WS-Policy

• Web Services Policy 1.2 - Framework (WS-Policy)
  W3C Member Submission 25 April 2006
• Status public draft release for review and
  evaluation only
• Main goal The WS-Policy and WS-PolicyAttachment
  aim to offer mechanisms to represent the
  capabilities and requirements of Web services as
  Policies
• Policy view in WS-Policy
• A policy is used to convey conditions on an
  interaction between two Web service endpoints.
• The provider of a Web service exposes a policy to
  convey conditions under which it provides the
  service.
• A requester might use this policy to decide
  whether or not to use the service.

27
WS-Policy

• WS-Policy
• is an extensible model for expressing all types
  of domain-specific policy models transport-level
  security, resource usage policy, even end-to-end
  business-process level policy. It Define basic
  policy, policy statement, and policy assertion
  models. WSPolicy is also able to incorporate
  other policy models such as SAML and XACML
• WS-PolicyAssertions
• Defines a few generic policy assertions
• WS-Policy Attachment
• Defines how to associate a policy with a service,
  either by directly embedding it in the WSDL
  definition or by indirectly associating it
  through UDDI
• WS-SecurityPolicy
• Defines security policy assertions corresponding
  to the security claims defined by WS-Security
  message integrity assertion, message
  confidentiality assertion, and message security
  token assertion
• The only policy assertions standardized so far
  are those defined in WS-SecurityPolicy (specific
  assertions that describe how messages are
  secured) and WS-PolicyAssertions.

28
WS-Policy Policy model

• Policy
• A potentially empty collection of policy
  alternatives. Alternatives are not ordered
• Policy Alternative
• A potentially empty collection of policy
  assertions.
• An alternative with zero assertions indicates no
  behaviors..
• Alternatives are mutually exclusive (exclusive
  OR)
• Policy Assertion
• Identifies a a requirement (or capability) of a
  policy subject.
• Assertions indicate domain-specific (e.g.,
  security, transactions) semantics and are
  expected to be defined in separate,
  domain-specific specifications

29
WS-Policy example

wsseKe
rberosv5TGT

wsseX509v3

Which security
token we want to use among the various tokens
such as Kerberos and X509
30
XACML

• eXtensible Access Control Markup Language 2
  (XACML) Version 2.0 OASIS Standard, 1 Feb 2005
• Status approved OASIS Standard within the OASIS
  Access 12 Control TC.
• XACML is a general-purpose access control policy
  language for managing access to resources
• It describes both a policy language and an access
  control decision request/response language
• Fine access control grained control
• Access control based on subject and object
  attributes
• Consistent with and building upon SAML

31
XACML Key Aspects

• General-purpose authorization policy model and
  XML-based specification language
• XACML is independent of SAML specification
• Triple-based policy syntax Action
• Negative authorization is supported
• Input/output to the XACML policy processor is
  clearly defined as XACML context data structure
• Input data is referred by XACML-specific
  attribute designator as well as XPath expression
• Extension points function, identifier, data
  type, rule-combining algorithm, policy-combining
  algorithm, etc.
• A policy consists of multiple rules
• A set of policies is combined by a higher level
  policy (PolicySet element)

32
XACML data flow model
Source oasis-access_control-xacml-2.0-core-spec-
os
33
XACML Protocol
XACML Request/ Response
34
XACML Protocol

• When a client makes a resource request upon a
  server, the PEP is charged with AC
• In order to enforce AC policies, the PEP will
  formalize the attributes describing the requester
  at the PIP and delegate the authorization
  decision to the PDP
• Applicable policies are located in a policy
  store, managed by the PAP, and evaluated at the
  PDP, which then returns the authorization
  decision
• Using this information, the PEP can deliver the
  appropriate response to the client
• XACML Request
• Subject
• Object
• Action
• XACML Response
• Permit
• Permit with Obligations
• Deny
• NotApplicable (the PDP cannot locate a policy
  whose target matches the required resource)
• Indeterminate (an error occurred or some required
  value was missing)

35
XACML Protocol

• The Policy Administration Point (PAP) creates
  security policies and stores these policies in
  the appropriate repository.
• The Policy Enforcement Point (PEP) performs
  access control by making decision requests and
  enforcing authorization decisions.
• The Policy Information Point (PIP) serves as the
  source of attribute values, or the data required
  for policy evaluation.
• The Policy Decision Point (PDP) evaluates the
  applicable policy and renders an authorization
  decision.
• Note The PEP and PDP might both be contained
  within the same application, or might be
  distributed across different servers

36
Policies and PolicySet

• The key top-level element is the
  which aggregates other elements or
  elements
• The element is composed principally of
  , and elements and
  is evaluated at the PDP to yield and access
  decision.
• Since multiple policies may be found applicable
  to an access decision, (and since a single policy
  can contain multiple Rules) Combining Algorithms
  are used to reconcile multiple outcomes into a
  single decision
• The element is used to associate a
  requested resource with an applicable Policy. It
  contains conditions that the requesting Subject,
  Resource, or Action must meet for a Policy Set,
  Policy, or Rule to be applicable to the resource.
  
• The Target includes a build-in scheme for
  efficient indexing/lookup of Policies.
• Rules provide the conditions which test the
  relevant attributes within a Policy. Any number
  of Rule elements may be used each of which
  generates a true or false outcome. Combining
  these outcomes yields a single decision for the
  Policy, which may be "Permit", "Deny",
  "Indeterminate", or a "NotApplicable" decision.

37
Policies and Policy Sets

• Policy
• Smallest element PDP can evaluate
• Contains Description, Defaults, Target, Rules,
  Obligations, Rule Combining Algorithm
• Policy Set
• Allows Policies and Policy Sets to be combined
• Use not required
• Contains Description, Defaults, Target,
  Policies, Policy Sets, Policy References, Policy
  Set References, Obligations, Policy Combining
  Algorithm
• Combining Algorithms Deny-overrides,
  Permit-overrides, First-applicable,
  Only-one-applicable

38
Overview of the Policy Element

ruleCombiningAlgId DenyOverrides









39
XACML policy

• A Policy has four main components
• A target
• A rule-combining algorithm identifier
• A set of rules
• Obligations
• The Rule is the elementary unit of a policy
• Main components of a rule
• A target
• An effect permit or deny
• A condition
• Policy Language
• A policy target specifies a set of
• Resources
• Subjects
• Actions
• Environment
• to which it applies

40
XACML Profile for Web-Services

• OASIS XACML Profile for Web-Services XACML
  Working draft 04, 29 Sep 2003
• Status working draft
• Main goal extending XACML to deal with the
  specific characteristics of Web services
• Two main extensions to XACML
• define in a precise way the various aspects to
  which a security policy applies to, for example
  for distinguishing the security policy that must
  be applied to the message level from the access
  control policy applied to a Web service or to an
  operation of the Web service
• use of the policy combination mechanisms defined
  in XACML in order to combine the
  preference/requirements policy of the Web service
  client with the access control policy of the Web
  service provider
• Note XACML profile is not getting as much
  attention as it used to

41
Security Assertion Markup Language (SAML)

• Developed by the OASIS XML-Based Security
  Services Technical Committee (SSTC)
• Status SAML V2.0 OASIS Standard specification
  set was approved on 15 March 2005
• Main goal authentication and authorization
• promote interoperability between disparate
  authentication and authorization systems
• How
• defining an XML-based framework for communicating
  security and identity information (e.g.,
  authentication, entitlements, and attribute)
  between computing entities
• using available different security
  infrastructures (e.g., PKI, Kerberos, LDAP, etc)

42
SAML basic concepts

• Assertions The core concept
• SAML Authority a system entity that makes SAML
  assertions (also called Identity Provider IdP
  and Asserting Party)
• Service Provider a system entity making use of
  SAML assertions
• Relying Party a system entity that uses received
  assertions (named also SAML requester)
• SAML Bindings Bindings describe exactly how the
  SAML protocol maps onto the transport protocols.

43
SAML assertions

• An assertion is constituted by one or more
  statements made by a SAML authority
• Different kinds of assertion statement that can
  be created by a SAML authority
• Authentication The specified subject was
  authenticated by a particular means at a
  particular time.
• Attribute The specified subject is associated
  with the supplied attributes.
• Authorization decision statements the specified
  subject is entitled to do a specified action

Martino authenticated with a password at 900am
Bill is an account manager with a 1000 spending
limit per one-day travel
John Doe is permitted to buy a specified item
44
SAML entities
SAML Authority makes SAML assertions
SAML Requester a system entity that uses received
assertions
Service Providers a system entity making use of
SAML assertions
45
SAML profiles

• Defines constraints and/or extensions of the core
  protocols and assertions in support of the usage
  of SAML for a particular application.
• Achieve interoperability.
• Stipulates how particular statements are
  communicated using appropriate protocol messages
  over specified bindings.
• E.g. Web Browser SSO Profile specifies how SAML
  authentication assertions are communicated using
  the Authentication Query and Response messages
  over a number of different bindings in order to
  enable Single Sign-On for a browser user
• By agreeing to support a particular SAML profile
  (as opposed to the complete specification set),
  parties who wish to exchange SAML messages have a
  much simpler job of achieving interoperability.

46
SAML and XACML
Source Security Assertion Markup Language (SAML)
V2.0 Technical Overview Working Draft 08, 12
September 2005
47
SAML Federated Identity

• SAML addresses one key aspect of identity
  management how identity information can be
  communicated from one domain to another
• SAML 2.0 will be the basis on which Liberty
  Alliance builds additional federated identity
  applications (such as web service-enabled
  permissions-based attribute sharing).

48
Standards for security management XKMS (XML Key
Management Standard)

• XML Key Management Specification (XKMS 2.0)
  Version 2.0 5 April 2004
• Status W3C Candidate Recommendation
• XKMS provides a Web-based interface to existing
  public key infrastructure (PKI)
• XKMS specifies protocols for
• Distributing
• Registering public keys
• The protocol is suitable for use in conjunction
  with the standard for XML Signatures XML-SIG
  and companion standard for XML Encryption
  XML-ENC.
• The XML Key Management Specification (XKMS)
  defines two services
• the XML Key Information Service Specification
  (X-KISS) and
• the XML Key Registration Service Specification
  (X-KRSS).

49
XKMS services
BOB
ALICE
XKMS protocol
XML Key Information Service (X-KISS)
XML Key Registration Service (X-KRSS)
- register - reissue - revoke - recover
- locate a public key - validate a public key
50
Standards for security management WS-TRUST

• Security (confidentiality integrity) is
  achieved through encryption, digital signatures
  and certificates
• Ultimately, security depends on the secure
  management of cryptographic keys and security
  tokens
• Key/security token issuance
• Key/security token transmission
• Key/security token storage
• Key/security token exchange

51
WS-Trust

• Web Services Trust Language (WS-Trust) February
  2005
• Status Initial public draft release provided for
  review and evaluation only
• Main goal to enable the issuance and
  dissemination of credentials among different
  trust domains
• WS-Trust defines extensions to WS-Security that
  provide
• Methods for issuing, renewing, and validating
  security tokens.
• Ways to establish, assess the presence of, and
  broker trust relationships.
• Motivation The recipient of a WS-Security-protect
  ed SOAP message has three potential issues with
  the security token contained within the Security
  header
• Format the format or syntax of the token is not
  known to the recipient
• Trust -- the recipient may be unable to build a
  chain-of-trust from its own trust anchors (e.g.
  its X.509 Certificate Authority, a local Kerberos
  KDC, or a SAML Authority) to the issuer or signer
  of the token
• Namespace -- the recipient may be unable to
  directly comprehend the set of claims within the
  token because of syntactical differences

52
WS-Trust trust model
53
WS-Trust example
?
NO previouos trust relationship
Client
Firewall
The Client uses X.509 certificate
WS-Security SOAP msg
The Provider understands Kerberos certificate
STS Service
54
WS- Security standards and security

• WS- security standard specifications address
  interoperability aspects
• Each standard specification provides a specific
  section describing security threats that are not
  addressed by that specification
• When using implementations of the specifications,
  the above warnings must be carefully analyzed

55
WS- Security standards and interoperability

• Theory
• The framework mandates for a layered approach
• every upper layer standard could/should re-use
  and extend the specification of lower-layer
  standards.
• Practice
• Specifications issued by different bodies are not
  always compatible, but
• Adherence to profiles improves interoperability
• Implementations of different vendors are not
  always interoperable

56
WS- Security standards and performance

• XML induces overhead
• Efficient ways of packaging and transmitting
  binary data in SOAP messages are needed
• XML-binary Optimized Packaging (XOP)
• SOAP Message Transmission Optimization Mechanism
  (MTOM)
• Resource Representation SOAP Header Block (RRSHB)
  
• Processing of WS- security compliant messages
  require encryption/decryption and eventually
  signature management capabilities
• XML accelerators and the XML firewalls try to
  solve those problems

57
XML Accelerators and Firewalls

• Accelerators A customized hardware and software
  performing the following processing tasks
• XML/SOAP parsing,
• XML schema validation,
• XPath processing and XSLT transformation
  functions
• Firewalls Also known as XML gateways
• Perform functions of a XML accelerator
• Support WS-Security standard
• Additional functionalities
• content or metadata-based XML/SOAP filtering
  functions
• XML messages encryption/decryption at the message
  or element level
• XML signatures verification and XML message
  signing according to XML Encryption standard
• Authentication and authorization functions (that
  in some XML appliance can be based on local or on
  off-board repositories)

58
Summary Points

• SOA concept based on service orientation is now a
  significant method for software development and
  promotes extensibility and flexibility Service
  oriented analysis has now become a standard way
  to model software
• Web Services is just one way to realize SOA
• Security for SOA is crucial as SOA is being used
  in numerous sectors since web services realize
  SOA, web services security is critical
• SOA and SOA Security Standards are being
  developed by W3C and OASIS WS-Security,
  WS-Security Framework, and XACML are some of the
  key standards
• SOA security currently focuses mainly on access
  control. SOA-specific techniques to address
  intrusion detection, denial of service and
  insider threat analysis need attention

59
Questions

• Describe in detail the various components of
  WS-Security
• Describe in detail the various components of WS-
  Security
• Describe in detail the key points in SAML and
  XACML
• Define a hypothetical application for assured
  information sharing among coalition partners
  (e.g., Army, Navy, Air Force or Hospitals,
  Insurance companies and Doctors offices)
• Examine the interactions between the coalition
  (e.g., data flow, process flow)
• Specify web services to implement the
  interactions
• Specify sample policies using XACML and SAML for
  the coalition environment
• Design a system for implementing the policies

60
Contact Information

• Dr. Bhavani Thuraisingham
• Professor of Computer Science and Director of the
  Cyber Security Research Center
• The University of Texas at Dallas
• bhavani.thuraisingham_at_utdallas.edu
• Dr. Elisa Bertino
• Professor of Computer Science and
  Reserach Director, CERIAS
• Purdue University
• bertino_at_cs.purdue.edu