SOA Security Model for Enterprise Systems Integration

Vivek Jonnaganti

Agenda Introduction Security requirements of SOA Approaches to security Unified Web services security SOA security model Case-study at Agresso Conclusion

2

Introduction

3

These three domains form together a so-called Service-based Business Environment [2]

SOA Example 1: LIBRIS

4

BYGGDOK GU Bibliotek

KTH Bibliotek

Chalmers Bibliotek

Kungl Bibliotek

LIBRIS environment

(Broker)

SOA Example 2: Google search

5

Google-search environment

(Broker + Provider)

Model delineation

High flexibility (allows redundancy)

Low reusability

6

Low flexibility (redundancy not allowed)

High reusability

SOA Enterprise Environment

7

Elements of a SOA, adapted from the CBDI Service Oriented Architecture Practice Portal

Web services architecture

Security requirements of SOA: Functional Confidentiality

Prevent disclosure of information to unauthorized individuals or systems

Integrity and non-repudiation Implies that data cannot be manipulated without

authorization Authentication

Process of verifying the identity of users Authorization

Permission to use a resource Protection against attacks

Ensures that attackers do not gain control over applications

8

Security requirements of SOA: Non-functional Interoperability

Security solutions must not break compatibility of services

Manageability Refers to the ease with which a security a security

solution can be managed Ease of development

Complexity reduces adoption of any security solution

9

Message level security

10

Trust models depicting the point-to-point and end-to-end configurations [4]

Message level security: WS-Security An OASIS standard which allows message-

level security to be implemented with SOAP Specifications include;

How to attach signature and encryption headers to SOAP messages?

How to attach security tokens such as X.509 certificates and Kerberos tickets to messages?

11

Message level security: WS-Security

12

Security token service model [4]

Security as a service

13

Security implemented as an infrastructure service, for e.g. offered by the ESB

Security as a service: SAML Security Assertion Markup Language (SAML)

Framework for exchange of security related information between trusting parties

Key standard for federated identity systems Cross domain Single-Sign On (SSO)

Three components of the SAML specification are; Assertions (authentication, attribute and

authorization) Protocol Binding

Assertions are exchanged among sites and services using the protocol and binding

14

Security as a service: SAML

15

SAML Implementation

Security as a service: AON Application-oriented networking (AON)

involves network devices designed to aid computer-to-computer application integration

Salient features of AON include; Enhances XML processing capabilities Provides secure and fast movement of XML and

non-XML messages Provides consistent policy enforcement for

security, transaction routing, etc. Fosters XML-based technologies and SOA

16

Policy driven security Security policy decisions separate security

logic from business logic Easier to ensure consistency of security

enforcement across multiple applications Challenges to be addressed;

Ease of development and administration Consistency of security checks Interoperability of security solutions

17

Policy driven security: Declarative programming Used as a mechanism to separate a concern from

the rest of the solution Different degrees to which declarative security can

be employed; Internal use within an enterprise to ensure

consistency Use at design time to ensure interoperability Use at runtime to ensure interoperability

Machine-readable expression of what is required in a message exchange from a WS-Standards perspective

WS-Policy is an emerging standard that makes this approach possible

18

Policy driven security: WS-Policy WS-Policy framework specifies;

Syntax for writing policies Algorithm for comparing policies

19

Policy-based approach to ensuring interoperability between two parties in a web service message exchange

•Sign the body of the request•Encrypt the body of the request•Encrypt the signature of the body•Include a timestamp as the last entry in WS-Security header

Unified Web services security

21

Enterprise Application Security Integration (EASI) solution

Firewalls and access control

Internal security Policies, procedures and tools in place

Enterprise security architectures must support end-to-end security across many application components

SOA Security Model

22

Holistic security model with a breakdown of security services

SOA Security Model Authorization services

Controls access to services based on a set of policies

Authentication services Security token service that can help issue and validate

authentication credentials

Identity services Managing, sharing, federating and accessing of identity

information from a variety of authoritative identity sources

23

SOA Security Model Confidentiality services

Provide the capabilities to protect sensitive information from disclosure and to detect unauthorized modification of data

Audit services Provides mechanisms to submit, store and report on

audit data submitted as system events

24

Case-study at Agresso - Background Agresso Integration Hub is a middleware,

deployed as a SOA infrastructure Provides fundamental functions for services

exposure and adaptable business process Provides a wide set of capabilities to manage and

integrate services and events across applications

25

Case-study at Agresso – Integration workflow

26

Case-study at Agresso - Solution Identity Management (IdM) system which can

access identity information from different authorized sources

Confidentiality of the messages can be protected by making use of WS-Security

ESB has to be implemented as a policy-enforcement point

Web-services can advertize their local policies and specify their policy requirements by making use of WS-Policy

SOA governance module can be used to deploy auditing services which store the logs of all XML traffic

27

Conclusion Context of security changes with respect to SOA Security approaches to SOA include;

Message level security Security as a service Policy driven security

Security approaches can be unified into a single framework e.g. EASI model

SOA security model provides a holistic approach to secure the environment

Case study to evaluate the security model and solve security vulnerabilities of Agresso Integration Hub

28

29

References1. How to Identify, Specify and Realize Services for your SOA (Part I), by Ali Arsanjani IBM, 2005

2. An integrated model for SOA Governance by Kingkarn Kanchanavipu, August 2008.

3. SOA Security by Ramarao Kanneganti and Prasad Chodavarapu, 2008 Manning Publication Co.

4. Security in a Web Services World: A Proposed Architecture and Roadmap, A joint security whitepaper from IBM Corporation and Microsoft Corporation, April 2002, Version 1.0

5. How SAML works? A newsletter by Preston Gralla, April 2002.

6. The Network's New Role by Taf Anthias and Krishna Sankar, ACM Queue vol. 4, no. 4 - May 2006

7. Does Application-Oriented Networking Impact SOA and Web Services? by Bijoy Majumdar, Vikas Kumar and Vivek Raut, Dec 2005

8. Understanding Web Services Policy, by Asir S Vedamuthu and Daniel Roth, Microsoft Corporation, July 2006

9. Mastering Web Services Security by Bret Hartman, Donald J. Flinn, Konstantin Beznosov, and Shirley Kawamoto, 2003 Wiley Publishing Inc.

10. Enterprise Application Security Integration for Application Servers and Portals, by Randy Heffner, June 2001.

11. Agresso Integration Hub Roadmap, Agresso Whitepaper (Draft)

12. Service-oriented agility: Methods for successful Service-Oriented Architecture, by Pal Krogdahl, Gottrried Luef and Christoph Steindl, July 2005

13. MSDN .NET Framework Developer Centre - What's New in Web Services Enhancements (WSE) 3.0.

14. SOA in Practice – The Art of Distributed System Design by Nicolai M. Josuttis, August 2007

15. Broker Architecture for Web-services – Tech Republic Whitepaper, May 2002.

16. SAML Service - Sun ONE Identity Server Customization and API Guide, section 8.1.

30