SOA Security Programming Model

850 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
850
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
45
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

SOA Security Programming Model

  1. 1. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation SOA Security Programming Model Anthony Nadalin Distinguished Engineer IBM Corporation Presented by Mike Perks Anthony Nadalin — SOA Security Programming Model Page 1
  2. 2. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Agenda • Securing an on demand business • Business requirements • on demand security infrastructure • Service Oriented Architecture and Security • Federation and trust management • Business driven application security Anthony Nadalin — SOA Security Programming Model Page 2
  3. 3. Security is a Business Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Requirement that … Affects Business Strategy Impacts Business Processes and Operations Helps Secure Business Applications Needed to Secure the Infrastructure Anthony Nadalin — SOA Security Programming Model Page 3
  4. 4. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Customer Pain Points Protecting privacy and security of customer and employee information Securing exchange of business critical information Manage identity within and across enterprise(s) Ensure integrity of the environment (delegated, federated) Manage security policies to mitigate risks Anthony Nadalin — SOA Security Programming Model Page 4
  5. 5. Understanding the pain points Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation lead to .. Anthony Nadalin — SOA Security Programming Model Page 5
  6. 6. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation on demand security infrastructure Tooling for model driven security infrastructure Business Controls, Risk and Security Compliance Management Business Controls, Risk and Security Governance Identity and Data protection Secure Business Secure Security Access and disclosure Process and Transactions Monitoring Management control collaboration and audit Secure Systems and Networks on demand security management disciplines on demand security fabric Anthony Nadalin — SOA Security Programming Model Page 6
  7. 7. that help secure an on demand Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation environment .. Anthony Nadalin — SOA Security Programming Model Page 7
  8. 8. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation So as to achieve … Enterprise Integration and Virtualization • Security Services • Security components • Pluggability and customizability • Consistent and coherent model Based on • Service Oriented Architecture • Componentization • Standards based interoperability and integration • Loose coupling and virtualization • Adapters to legacy applications Using • Security policies from executives to IT staff • End to end tools from modeling to infrastructure management • Governance model and delegation of authority Anthony Nadalin — SOA Security Programming Model Page 8
  9. 9. .. Using Security Fabric that is Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Standards Based and Pluggable On Demand Applications Business Application Services Utility Business Services … Enterprise Service Bus Runtime Security APIs Administrative Security APIs Vendor API extensions (login, authorization, etc) (create user, change policy,..) (J2EE, Unix, …) Operating Environment Security Runtime - Credential propagation, authentication, context establishment, authorization checks, audit, privacy, Authentication Authorization SPI Cred Mapping SPI Identity Policy, Audit, SPI Management Intrusion User Registry Detection, Privacy Authz provider Mapping provider Management Kerberos, RACF provider LDAP, OS registry 3rd Party 3rd Party 3rd Party 3 rd Party 3 rd Party WS-Trust WS-Attribute Service WS-Authorization WS-Trust WS-Attribute Service WS-Policy WS-Federation Security Services Infrastructure WS-Privacy Anthony Nadalin — SOA Security Programming Model Page 9
  10. 10. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Agenda • Securing an on demand business • Business requirements • on demand security infrastructure • Service Oriented Architecture and Security • Federation and trust management • Business driven application security Anthony Nadalin — SOA Security Programming Model Page 10
  11. 11. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Federated Lifecycle Management Audit and compliance Partner Enrollment Business Driven Partner Partner-User Scenario Trust Enrollment Enrollment Realization Agreements Credentials Technical Provisioning/ Management Policies Deprovisioning Operational Partner-Role- Best Attribute Role/Permission Practices Management Management Security & Identity User Life cycle Attribute change Agreements Management Management Audit Identity Agreements Transaction/Data Relationship Agreements Management Privacy Scenario Federation/ Agreements Management De-federation Anthony Nadalin — SOA Security Programming Model Page 11
  12. 12. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Federations Require Trust Trust Reflects business relationship Needs governance model Implemented using technology Trust between Identity Provider and Service Providers This can be implemented using technology Trust can be provided by WS-Trust, WS-Security, WS-SecureConversation Trust between users and Identity Providers This can be facilitated by technology Requires business, legal and “faith based” solutions Trust by users of how IdP will user their information This can be mitigated by WS-Policy family Also requires business, legal and “faith based” solutions Anthony Nadalin — SOA Security Programming Model Page 12
  13. 13. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Web Services Security Model Web Services Web Services Client Requestor Security Service Provider Gateway B2B Authentic Authoriz Provisio SSO Audit ation ation ning WS-Security Family (Kerberos,X.509, SAML) Users SOAP HTTPS, JMS, MQ B2B 2 C End to End Security model simplifies integration between companies Each Web Services message can be individually authenticated, integrity & confidentiality protected and authorized Anthony Nadalin — SOA Security Programming Model Page 13
  14. 14. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Web Services Security Applications Suppliers SOAP/HTTP Services Driven Interactions Web Services SOAP Web Services Legacy Non Web Partners Security Services Applications Checkpoint Web Services Web Services Remote Portlets Company Remote Portal Portals How do we identify and authenticate the service requester ? How to we identify and authenticate the source of the message ? Is the client authorized to send this message? Can we ensure message integrity & confidentiality ? How can I audit the access to Web Services? Multiple layers of enforcement – perimeter, gateway, app server, application Anthony Nadalin — SOA Security Programming Model Page 14
  15. 15. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation End to End Message Security (trust relationship) (trust relationship) (trust relationship) Anthony Nadalin — SOA Security Programming Model Page 15
  16. 16. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Managing Trust Audit Anthony Nadalin — SOA Security Programming Model Page 16
  17. 17. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Managing Integrity Manage trust Use Infrastructure components May be shared Need to be trusted components (they are the enforcement points) Interaction (with partners, etc) and role played by infrastructure is managed Delegated authority to LOBs Application specific policies Shared infrastructure but different policies (specific to LOB, application, etc) Gives flexibility and control Compliance Audit and monitoring Accountability and integrity Anthony Nadalin — SOA Security Programming Model Page 17
  18. 18. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Web Services Security Roadmap Federation Layer WS-SecureConversation WS-Federation WS-Authorization Spec: 18 Dec 2002 Spec: 8 July 2003 Spec: 28 May 2003 WS-Policy Policy Layer WS-PolicyFramework WS-Trust WS-Privacy WS-PolicyAttachments WS-PolicyAssertions Spec: 18 Dec 2002 Spec: 5 Apr 2002 WS-Security OASIS Standard Today Spec: 8 May 2000 Time SOAP Foundation TBA Specifications Announced Implementations Available Today Anthony Nadalin — SOA Security Programming Model Page 18
  19. 19. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Application lifecycle and security policies Corporate policies and line of business/domain specific policies Relevance to business process and business applications Platform specific models Impact on IT infrastructure Compliance and monitoring Anthony Nadalin — SOA Security Programming Model Page 19
  20. 20. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Business driven application security Define business and corporate Security policy officer security Security auditor policies Business analyst Model security requirements and application security Manage security of the Model business application; Business Monitor behavior and change policies as necessary Security architects Application architects Develop Iteratively IT administrator Focus on Architecture Analyze & Security administrator Manage & Design Operator Monitor Continuously Ensure Quality Manage Change & Assets Application programmer Security developer Application administrator Implement Security administrator Deploy Declare application security policies; Configure infrastructure for Build and test application security; secure applications Subscribe and customize security policies Anthony Nadalin — SOA Security Programming Model Page 20
  21. 21. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Business application policies Analyzing relevance to business processes and applications Translating intent/goals into enforceable policies Business vocabulary vs. implementation Anthony Nadalin — SOA Security Programming Model Page 21
  22. 22. Application modeling and Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation security policies Anthony Nadalin — SOA Security Programming Model Page 22
  23. 23. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Programming model: Infrastructure vs. application managed Infrastructure managed (gateways, application container) Let application concentrate on business logic Let the infrastructure enforce the intended policies Policies aligned with business goals and deployment patterns Policies may come from application artifacts (e.g., deployment descriptors), system configuration (e.g., based on topology), and published policies (based on target interactions e.g. ws-policy) Application managed Architected and standardized call-outs Abstract out as a security provider (e.g., JAAS, JACC) Anthony Nadalin — SOA Security Programming Model Page 23
  24. 24. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Deployment and management Service Subscribe Solution Install Requestor (consumer) Provider Application policy Corporate, IT policies, etc (e.g., in deployment descriptors) (e.g., use corporate LDAP) Consumer Subscription time changes administrator (e.g., High level security, Fabrikam as certificate authority) Application Server runtime Transform, persist and distribute policies to security provider (e.g., Security XACML policies and coordinates with ERP Runtime Publication of Policies Tivoli AccessManager ) Travel app (e.g., WS -Policy) Initial policies are ‘pushed ’ or stored; updates are pushed or pulled: (e.g., 128 bit SSL required, X.509 certs from Verisign ) XACML policy docs Security Policy Manager e.g. Tivoli AccessManager Administer policies Manage/Administer & Runtime Anthony Nadalin — SOA Security Programming Model Page 24
  25. 25. Identity Management & Service Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Oriented Architecture New Capability “Identity” Existing Capability “Service” SOA Security Enterprise Identity mgmt (Web Services Security Management) Services View Federated Identity Management (Federated User Lifecycle Web Single Sign-On Management) Access Management Services Transformation Identity Management Service Oriented Architecture (SOA) “Services” Identity Management Market “Identity” Identity transformation from a product-centric view to a service-centric view – move to adoption of service-oriented architectures with federation characteristics for simplifying identity management and strengthening corporate compliance Anthony Nadalin — SOA Security Programming Model Page 25
  26. 26. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Identity Integration Problem How to share information Partners using with trusted providers? WS-Federation “Identity” SAP Platform “Identity” “Identity” Partners using “Identity” Liberty Multi Protocol Federation Gateway WebSphere Platform “Identity” Partners using “Identity” SAML in their Portal or Web “Identity” MS .NET Platform Identity Management as a business Partners using WS-Security process for cross-enterprise collaboration Anthony Nadalin — SOA Security Programming Model Page 26
  27. 27. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Identity & Web Services - Landscape Industry leveraging Federation to “simplify” Service Delivery and provide superior end user experience New Service Enablers are driving need for identity sharing based on Web services Presence, Location, Group Management etc HTTP Centric Services still a dominant delivery model i.e. Services are Built and Delivered using normal HTTP to browser-based clients E.g. Location-based Services, Third-Party Content Enables Mobile Operator to assume the role of “Trusted Identity Provider/Authority” in mediating value-add data services with third-parties HTTP Identity Services Standards in Mobile Industry • Current Deployments happening with Liberty ID FF 1.1/1.2 • Role of SAML 1.0/1.1 very minimal in mobile industry (due to Liberty uptake) • SAML 2.0 will converge Liberty ID FF 1.1/1.2 and SAML 1.0/1.1 but adoption of SAML 2.0 not likely until 2006 • WS-Federation becomes a critical strategy for integration with Microsoft Active Directory and Microsoft .NET Services Federation of Web Services is a dominant theme in “Service Oriented Architecture” i.e. Services are discovered using Web Services (WSDL) Dominant Web Services Security Platform is WS-Security WS-Security now an official OASIS standard and implementations available from leading middleware platforms from Microsoft .NET and IBM Anthony Nadalin — SOA Security Programming Model Page 27
  28. 28. Best Practice – Enterprise User Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Provisioning Password Delegated Account Sync/ Workflow Admin Provisioning Administrator/CSR Reset Self- Care Identity Management Partner Users Enterprise Identity Legacy Legacy HR Feed Foundation ERP ERP Portal Bi-directional Portal Provisioning Directory LDAP Authoritative Feeds DAML/DSML Anthony Nadalin — SOA Security Programming Model Page 28
  29. 29. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Best Practices – Access Management Third-Party Partner Access Partners using Partners using Microsoft® SAML Federate d Access Third Party Third-party User WS- Partners using Federation/SAML/Liberty Liberty WS-Security/WS- Federation/SAML/Liberty Direct Federated ID Access Web Access / Micro Web SSO SSO/Authentication/Authorization User Web Web SSO Web SSO SSO Portal Benefits Service Billing Service Service Anthony Nadalin — SOA Security Programming Model Page 29
  30. 30. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Deployment Patterns & Roles – Federated Web Services Patterns Roles C2B / E2B HTTP Identity Provider, Service Provider C2B – Web Services Web Services Client, WS Provider B2B – Web Services Web Services Client, WS Provider Composite Patterns – C2B + B2B Identity Provider; WS Client, Service Provider; WS Provider Consumer-2-Business (C2B) Employee-2-Business (E2B) Business-to-Business (B2B, e.g. Portal to Portal) Anthony Nadalin — SOA Security Programming Model Page 30
  31. 31. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation C2B2B - Portal to Portal – Deployment Security Token Service Token Third Party SOAP Request Third-party WS-Security Provider/WSP User PORTAL (Identity Provider) XML/Web XML/Web Services Services Web Services Gateway Gateway Provider Web Services Client Users WS-Trust WS-Trust local ID Token Token local ID Identity Security Identity Security Service Service Enterprise Service Service Enterprise Directory Directory Policy Service Policy Service Anthony Nadalin — SOA Security Programming Model Page 31
  32. 32. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Identity + Web Services - Architecture Clients Federated Federated Browser Identity Identity Rich Client Provider Provider (Liberty) (SAML) Mobile Terminal SMB Federated Partner Spokes Identity Provider Identity Services (Liberty) Enterprise Web Enterprise ID Services Platforms Liberty Gateway WS-Trust/WS- Security Web Services SAML Federated Identity Security Providers Identity (Remote Provider Services Services (SAML) Portals) WS-Security WS-Federation SAML Federated Identity Web Services Provider Providers (WS-Federation) I “know” this subscriber from my (Remote I “know” how to connect the partner company” “user” to authorized services Portals) Anthony Nadalin — SOA Security Programming Model Page 32
  33. 33. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Compliance – Auditing the Integrity of Mortgage Approval Business Process Anthony Nadalin — SOA Security Programming Model Page 33
  34. 34. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation SIMPLE IDENTITY & CHANGE AUDIT FOR CONTINUOUS COMPLIANCE INPUT OUTPUT Audit Workplace for Process BCR CEI, CBE (Communicate, Business Services CARS Track) XML Policy Change Events/ CEI, CBE Events/State Changes Alerts Central Audit Service CCMDB/ Processes/ Dashboard Warehouse WBI SQL Business & IT DB2 CEI, CBE Reports AlphaBlox Audit Analytics/ Security Events/Alerts Compliance Correlation Process Data (Security, Change, Engine Identity, Access Archive) TPM, TCM, TIM, (Company & Partner) TAM, FIM XML Security Policy Change Network Remediation & Remediation TIM/TAM FIM,SCM ERP/ CRM Database Abnormal Process Events/Alerts Rational Requisite Pro EU/Japan Privacy Corporate SOX Basel II Visa CISP US Patriot Act Law Security Policies Compliance Drivers Anthony Nadalin — SOA Security Programming Model Page 34
  35. 35. Colorado Software Summit: October 23 – 28, 2005 © Copyright 2005, IBM Corporation Summary Security is about business, no longer just about technology SOA enables better Application Integration Web Services Security standards optimizes the development, deployment and management of Composite Applications Federation is the “bridge” by which web services security integrates with Service Oriented Architectures Anthony Nadalin — SOA Security Programming Model Page 35

×