Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.

Overcoming the SOA Network Fallacy

Roberto Medrano, Executive Vice President


Slide 2

SOA Transcends the Network

• If you listen to SOA advocates, you might get the idea that a Service-Oriented Architecture transcends the network:
  – Web services consumers and providers have a logical relationship to one another – to the consumer, the Web Service is a URL, which could be anywhere, on any network segment
  – One of the major advantages of SOA as an architectural paradigm is the concept of “network transparency” – to work, an SOA does not need any specific network configuration. The Web can be your new “corporate network”
• In other words, when you’re thinking SOA, forget the network. The network doesn’t matter…


Slide 3

The SOA Network Fallacy

• Don’t get lulled into a false sense of network irrelevancy
• Based on the ideas of network transparency and the logical relationship between consumer and provider, some people in the EA field (sometimes SOA Vendors) conclude that the network does not matter in an SOA.
• This is exactly wrong. We call this the “SOA Network Fallacy”
• In an SOA, the network is perhaps more important than in any earlier EA paradigm:
  – Web Services are network-based application components
  – Discovery of Web Services through the network: UDDI/Registries are network-based
  – Movement of SOAP messages and WSDL documents over the network
  – Security and governance for Web Services rely on network transports: movement of SAML tokens, PKI, etc. across the network
  [Diagram: Consumers and Providers connected over the network]
• SOA relies on the network. Period.


Slide 4

Getting into it: SOA Deployments

[Diagram: SOA deployments across Data Centers, Distributed Enterprise/Branch, Campus and Extended Enterprise, connected over a Converged IP Network and a Private WAN or VPN; SOA Apps and SOA Consumers serving Customers, Teleworkers, Road warriors and Partners]


General Security Characteristics of Web Services and SOA


Slide 6

SOA security risks - Enterprise

• Monolithic applications used perimeter security
• Componentization (separating data, business logic and presentation layers) increases the number of potential attack points


Slide 7

Security/compliance Related Characteristics of Web Services

• Web services (often) use Web protocols, i.e. a Web service invocation is an RPC that goes through Port 80
  – Security issues:
    • Critical and/or confidential software functions may be exposed to unauthorized access
    • Existing perimeter controls may not be effective to prevent unauthorized access
    • Integrity/confidentiality of data exposed as Web services may be at risk
• Web services use XML, which is open and text-based
  – Security issues:
    • Eavesdropping
    • Lack of confidentiality
    • Malicious modification of messages in transit
    • Accidental or malicious disclosure of sensitive information
• Web services are “machine to machine”, i.e. the user (consumer) of a Web service is another application
  – Security issues:
    • Access management
    • Identity management
• Web services lead to new application structures and development processes
  – Composite applications
  – Service bus
  – Increased and faster-paced inter-company and inter-divisional development projects
  – Security issues:
    • SDLC and change management
    • Governance


Slide 8

More issues with Web Services and SOA security

• Authentication
  – Asserting and verifying the identity of all the parties involved
    • Original requester
    • Requesting application
    • Intermediary(s)
    • Service provider
• Authorization
  – Determining if the requesting party(s) is/are authorized to access the requested resource (service/operation)
  – Determining if the authorization is valid for this transaction (date/time, number of requests, etc.)
• Auditing
  – Provide a record of who did what and when they did it
• Privacy
  – Ensure that messages are safe from eavesdropping
• Non-repudiation
  – Ensure that the senders cannot deny sending, and the receivers cannot deny receiving messages


The Importance of SOA Infrastructure


Slide 10

SOA Infrastructure

SOA Infrastructure: the complete set of tools and processes to assure security, management, mediation, and governance of Web services in an enterprise environment


Slide 11

SOA Infrastructure Reference Model

• SOA Infrastructure provides core infrastructure services to the SOA and XML applications and messaging layer

• Service providers, consumers, enterprise service bus platforms along with other service proxies, leverage these infrastructure services either directly, or via delegates and agents

• Infrastructure services include:
  – Management Application
    • Implements management standards like WS-DM to provide central performance and health monitoring and reporting capabilities
  – Security Service
    • Implements standards like WS-Trust and XACML as well as common PKI features
  – Registry
    • UDDI services for core service discovery
  – Metadata Repository
    • Serves policies, WSDLs, Schema, virtual service definitions and many other key meta-data items


Slide 12

SOA Infrastructure Reference Model

• SOA Infrastructure as an enabler of Risk Mitigation Countermeasures
  – Intermediaries between Web service consumers and providers
  – Centralized repository of policy meta data
  – Dynamic definition, implementation and enforcement of policy for consumers, providers, and intermediaries
  – Future-proofs SOA against vulnerabilities caused by changes as services evolve through the SDLC


Slide 13

Secure Services

• Ensure the security of services
  – Authentication
    • SAML
    • Kerberos
    • X.509
    • Basic Auth
    • https
  – Authorization
  – Privacy (XML-Encryption)
  – Non-repudiation (XML-Signature)
  – Audit
• Ensure that consumers can comply with required security policies


Slide 14

Infrastructure Security Services

• Security Token Server
  – Authentication
  – Token Exchange
    • e.g. HTTP cookie for SAML assertion
  – Federation Standards
    • WS-Trust
    • WS-Federation
• Authorization Services
  – Who can access which parts of a service
  – XACML
  – Delegate to existing access management solutions
    • SiteMinder
    • TAM
    • Oblix
    • etc.
• PKI Services
  – Key pair generation
  – Certificate Management
  – Key distribution


Slide 15

Key Web Services security standards

• WS-Security (security token enveloping)
• SAML (authentication and authorization)
• XML-Encryption (XML element privacy)
• XML-DigitalSignature (XML element signing)
• WS-Policy (asserting policies for services and operations)
• WS-Trust (building trust relationships and executing trust transactions)
• WS-Federation (formal federated identity services)


Slide 16

What is Security Policy?

• Start with Registry
  – Service publishing
  – Service discovery
  – A system of record for information about services
• Add a repository
  – Store and manage metadata about the services in the registry
  – Define and manage policies for security, management, reliability, routing, etc.
  – Reference these policies in the service entries
• Repository objects can be shared by multiple registry entries (services)
  – Change policy once, affect many services
  – Central management of policy
• At runtime providers and consumers can leverage the policy management infrastructure
  – Agents discover and enforce policies
  – Delegates discover and implement policies to ensure true loose-coupling


Slide 17

SOA Infrastructure Solutions

• SOA Infrastructure includes Governance, Management and Security linked together through SOA Policy Management

• Governance offers no value without a runtime solution to enforce policies and feed back metrics and compliance data

• Runtime solutions (security and management) offer minimal value without central policy control and value-added service governance capabilities


Slide 18

Standards-based Closed-loop SOA Infrastructure

• Closed loop means:
  – Defining and managing actionable policies in a governance solution at design-time
  – Enforcing these policies via deep integration with a management solution at run-time
  – Auditing that these policies are being enforced
  – Using industry standards (WS-Policy, WS-MEX) where appropriate for information exchange
• Closed loop infrastructure enables demand and Value Management
  – Collect performance, usage and exception statistics at run-time
  – Track these statistics via the governance solution
  – Use live, audited information to drive value-based decisions about the effectiveness of different services and organizations
  – Provide developers with up to the minute information about a service in runtime to inform their decisions about which services to use
  – Manage supply and demand to ensure maximum efficiency and benefit from SOA


Slide 19

SOA Infrastructure – Policy Management Use Cases

• Plan, analyze, design, implement, test, change, and retire design and runtime policies for services
  – Define and manage validation and conformance policies for service design and registration
  – Define and manage security, routing, reliability, mediation, and other runtime policies
  – NOTE: Without deep integration with an SOA management solution, these policies will be informational only, and will not be enforced
  – Define policies for services across all popular types of service containers including Java and .NET app servers, ESBs, Mainframe, and packaged applications
• Ensure that policies are being effectively enforced with a comprehensive metric collection model
  – Capture performance and usage metrics according to policies
  – Statistically and algorithmically capture comprehensive message data
  – Track and manage security and other policy exceptions
• Compare and reconcile collected metrics with policies for audit purposes


Slide 20

SOA Infrastructure – Security Use Cases

• Enforce policies managed by a centralized governance solution
  – Consistent policy enforcement for all popular service containers including Java and .NET app servers, ESBs, Mainframe, and packaged applications
  – Enforce and mediate policies in the network
• Ensure the end-to-end security (Au, Az, Privacy, Audit, Non-repudiation) of Web services messages
• Create, manage and distribute public/private key pairs through the SOA
• Decouple the security model from the development process
  – Allow developers to focus on their business logic and interfaces, allowing the infrastructure to implement and enforce security, reliability, and messaging policies
• Ensure the interoperability of Web services clients and service providers


Slide 21

Policy-based SOA Infrastructure


Slide 22

SOA and Impact on the Network

[Diagram: SOA Applications (SOAP, XML, WS-* etc.) drive requirements around: Scalability, Performance, Security, Load balancing & failover]


Slide 23

SOA and the Network: Security

• Network related risks
  – Access control risk
  – Endpoint integrity risks
• App related risks
  – Data integrity risks
    • SOAP Messages modified in transit
    • Data changed or deleted by unauthorized access to databases fronted by Web Services (XML Injection)
  – Data confidentiality risks
    • Eavesdropping
    • Improper access
  – Data availability risks
    • Denial of Service through XML exploits
    • Endless strings, XML logic bombs
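The data availability risks above (XML logic bombs, endless strings) are the kind an XML firewall, which Slide 28 says you should know where you need, stops before a message reaches the service. Below is an added example, not code from this deck or from SOA Software's products: a minimal pre-parse check that refuses DOCTYPE/entity declarations, runaway nesting, element floods and oversized text nodes while streaming the message through expat. The limit values and the sample SOAP messages are constructed for illustration.

```python
import xml.parsers.expat as expat

class MessageRejected(Exception):
    """Raised with a short reason when a message violates a limit."""

def check_xml_message(data: bytes, max_bytes=1_000_000, max_depth=32,
                      max_elements=10_000, max_text=65_536) -> dict:
    """Stream data through expat with limits enforced inside the handlers.

    Raises MessageRejected as soon as a limit is crossed, so a hostile
    message is never fully expanded. Limit values are hypothetical.
    """
    if len(data) > max_bytes:
        raise MessageRejected(f"{len(data)} bytes exceeds {max_bytes}")
    state = {"depth": 0, "max_depth": 0, "elements": 0, "text": []}

    def reject_doctype(*_args):
        # Any DOCTYPE or entity declaration is refused outright: that is
        # where entity-expansion bombs and external entity references live.
        raise MessageRejected("DOCTYPE/entity declarations are not allowed")

    def start(_name, _attrs):
        state["elements"] += 1
        if state["elements"] > max_elements:
            raise MessageRejected(f"more than {max_elements} elements")
        state["depth"] += 1
        state["max_depth"] = max(state["max_depth"], state["depth"])
        if state["depth"] > max_depth:
            raise MessageRejected(f"nesting deeper than {max_depth}")
        state["text"].append(0)  # running text length of this element

    def chars(text):
        # expat delivers character data in chunks; total it per open
        # element so an "endless string" is caught when it crosses the cap.
        if state["text"]:
            state["text"][-1] += len(text)
            if state["text"][-1] > max_text:
                raise MessageRejected(f"text node longer than {max_text}")

    def end(_name):
        state["depth"] -= 1
        state["text"].pop()

    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_doctype
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars
    try:
        parser.Parse(data, True)
    except expat.ExpatError as exc:
        raise MessageRejected(f"malformed XML: {exc}") from exc
    return {"elements": state["elements"], "max_depth": state["max_depth"]}

def verdict(data: bytes) -> tuple:
    """Return (accepted, stats_or_reason) for one message."""
    try:
        return True, check_xml_message(data)
    except MessageRejected as exc:
        return False, str(exc)

# Constructed sample messages (not captured traffic).
SAMPLE_OK = (b'<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
             b"<soap:Body><getQuote><symbol>ACME</symbol></getQuote></soap:Body>"
             b"</soap:Envelope>")
SAMPLE_ENTITY_BOMB = b'<!DOCTYPE x [<!ENTITY a "aaaa"><!ENTITY b "&a;&a;&a;&a;">]><x>&b;</x>'
SAMPLE_DEEP = b"<a>" * 40 + b"</a>" * 40             # nesting past max_depth
SAMPLE_LONG_STRING = b"<s>" + b"x" * 70_000 + b"</s>"  # one endless string
```

Because the limits are checked inside the callbacks, a rejected message costs at most the bytes read up to the violation, which is the property an edge device needs against resource-exhaustion inputs.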


Slide 24

Load balancing and failover

• Unpredictable load characteristics of SOA application traffic
  – Server side load balancing
  – Network scalability
• SOA apps are 24*7
• High availability of network infrastructure is a fundamental assumption
• How do I ensure that my SOA apps are always available?


Slide 25

Scalability

• SOA can dramatically increase volume of network traffic (peaks and valleys)
• Packet sizes vary (small to large) – text based protocols
• How can/should you optimally engineer the network without adding substantial cost?


Slide 26

Real time responsiveness & performance

• SOA apps are built with LAN-like performance as an assumption
• Composite apps – different modules from different systems working together to deliver on business process – increase performance demands on the network
• Delays and packet-loss can cause time-outs of SOA apps – poor end user experience
• Network managers need to support SLAs as SOA based apps get deployed
• How to manage network performance without too much cost?


Slide 27

Checking in

• Do you still think the network is irrelevant to SOA?

• How can you develop an SOA solution approach that makes the network a strategic asset that innovates businesses and business processes?

• How can you deliver strategic and tactical business results without requiring unreasonable infrastructure trade-offs?

• Best Practice: implement critical network elements with an SOA Governance oriented approach

Think: business speed and responsiveness, business safety, business flexibility


Slide 28

Solving the SOA Network Challenges

• You can build network reliability and security into your SOA by merging best practices of SOA Governance and infrastructure with a best of breed approach to network infrastructure.
  – SOA and Network Infrastructure working in harmony
    • Use SOA Infrastructure management tools to estimate SOA load and harmonize/optimize consumer and provider connections on the network
    • Understand where mediation is necessary between incompatible links in the network that supports your SOA
      – ESB mediation
      – Transport protocol transformation
      – Routing paths
    • Provide for version control, failover, load balancing as an SOA management issue, and integrate with underlying network infrastructure – you need both to succeed
  – Selecting the right SOA infrastructure and network solutions
    • Understand where you need an XML firewall
    • Work with network solution provider to optimize network performance characteristics for SOA
    • Work with network solution provider to resolve potential security issues at the network level
  – Embedding Network aspects of the SOA into SOA Governance
    • Web Service governance policy metadata can include network parameters
    • Centralized SOA governance can provide SOA network management capabilities
    • Work toward a “closed loop” of SOA Governance that enforces governance policies that are defined at design time – in that way, there is reduced risk of lapses in governance policy enforcement for Web services that are live on the network at runtime