Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE -

Published byLogan Laughton Modified over 10 years ago

Similar presentations

Presentation on theme: "Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE -"— Presentation transcript:

1 Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE - FAU

2 Tuesday, June 10, 2003 Agenda Overview W3C definition Standards used Tools Architecture Security Assertion Coordinator Pattern

3 Tuesday, June 10, 2003 Definition Software system identified by a URI(Uniform Resource Identifier) whose public interfaces and bindings are defined and described using XML. Its definition can be discovered by other software systems. These systems may then interact with the Web service in a manner prescribed by its definition, using XML based messages conveyed by Internet protocols. [W3C-1]

4 Tuesday, June 10, 2003 Example Orbitarium Web Service: This is a web service for retrieving the astronomical positions of the Sun, Moon, and planets of the Solar System at the current time, or at any past present or future date. The service is free for public. [Orbit-1] Note: The service is up and running and freely available for public.

5 Tuesday, June 10, 2003 Standards UDDI: Universal Description, Discovery and Integration. Like yellow pages for Web Services. Service information. Can be public/global or private/local. [Uddi-1] WSDL: Web Services Description Language. Is XML based. To hold information like the web service interfaces, access protocols and so. Similar to IDL. SOAP: Simple Object Access Protocol. Is XML based. Uses http as mean of transfer, making it easy to work with firewalls since most firewalls allow http. SAML: Security Assertion Markup Language. Uses assertions. Three type of assertion: authentication, attribute and authorization. Is used on top of SOAP.

6 Tuesday, June 10, 2003 Tools Two types: Microsoft or Java based. MS.NET Studio Sun One Studio IBM WebSphere BEA WebLogic and many more…

7 Tuesday, June 10, 2003 Client UDDI Directory WSDL Service URI/URL HTTP Server Web Service SOAP Message DB Simple Architecture Find Service

8 Tuesday, June 10, 2003 Fig. Communication between SOAP client and server.[Prfct]

9 Tuesday, June 10, 2003 Role-based Security Assertion Coordinator Pattern (by: Dr. Ed Fernandez, Mohammad Abushadi, Riaz Ahmed) Intent: Seamless exchange of security data in distributed environment while maintaining role based access controls to resources in organizations.

10 Tuesday, June 10, 2003 Context: A distributed environment including heterogeneous systems and web services. Problem: Current systems lack feasible solutions to the problem of providing precise access control to resources, often requiring custom-built approaches that may not be easy to upgrade or modify. The growth of the number of networked business partners and their processes requires a means to exchange security information in a standardized format that is flexible to change at the same time. Costs are involved in custom integration processes, where time becomes crucial in achieving a quicker time-to-market competitive advantage. Costs include developer cost and development time.

11 Tuesday, June 10, 2003 The security of the shared data becomes another concern. Consistency of data exchange has to be assured. Interoperability of systems across various implementation platforms stands as a significant obstacle. Adding a new layer of security verification policies often proves tedious and costly in the current systems.

12 Tuesday, June 10, 2003 Problem: Distributed systems are in great need of integrating their inner processes that share commonly used data. Exchange of security related data in particular poses an important problem when the issues of interoperability is of concern. Organizations must be able to easily add new security layers across the distributed environment with little changes. Distributed environments must not resort to expensive global custom code changes in order to reflect new changes in security policies or data structure. Organizations in the distributed environment must have the ability to quickly achieve higher, more refined levels of security data control for better adherence to the continuously changing nature of organizational business rules. Each online destination site often has its own custom-made authentication system.

13 Tuesday, June 10, 2003 Solution: Exchange security information using a standard. In particular, manage security data in the form of XML-based SAML assertions using the SOAP protocol over HTTP.

14 Tuesday, June 10, 2003 Cont…

15 Tuesday, June 10, 2003 Cont…

16 Tuesday, June 10, 2003 Cont…

17 Tuesday, June 10, 2003 Cont…

18 Tuesday, June 10, 2003 Consequences: Benefits: Centralized data exchange Standardized approach Role-based access Extensibility Liabilities: Complex to implement Computationally expensive

19 Tuesday, June 10, 2003 Variants: 1.Single Sign On 2.Back Office Transactions

20 Tuesday, June 10, 2003 Credits [W3C-1] http://www.w3.org/TR/2003/WD-ws-gloss-20030514/http://www.w3.org/TR/2003/WD-ws-gloss-20030514/ [Orbit-1] http://www.orbitarium.com/http://www.orbitarium.com/ [Uddi-1] http://www.uddi.orghttp://www.uddi.org [Prfct] http://www.perfectxml.com/articles/xml/interop.asphttp://www.perfectxml.com/articles/xml/interop.asp

Download ppt "Tuesday, June 10, 2003 Web Services Brief Overview & Security Assertion Coordinator Pattern by Mohammad Abushadi & Riaz Ahmed for Security Group CSE -"

Similar presentations

David Martin for DAML-S Coalition 05/08/2003 OWL-S: Bringing Services to the Semantic Web David Martin SRI International

David Martin for DAML-S Coalition 05/08/2003 OWL-S: Bringing Services to the Semantic Web David Martin SRI International
Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
Web Service Architecture

Web Service Architecture
Web Service Composition Prepared by Robert Ma February 5, 2007.

Web Service Composition Prepared by Robert Ma February 5, 2007.
Overview of Web Services

Overview of Web Services
Matthew Kubicina CIS 764 Kansas State University.

Matthew Kubicina CIS 764 Kansas State University.
31242/32549 Advanced Internet Programming Advanced Java Programming

31242/32549 Advanced Internet Programming Advanced Java Programming
Web Services Copyright © 2000-2007 Liferay, Inc. All Rights Reserved. No material may be reproduced electronically or in print without written permission.

Web Services Copyright © Liferay, Inc. All Rights Reserved. No material may be reproduced electronically or in print without written permission.
Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group

Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group
1 Understanding Web Services Presented By: Woodas Lai.

1 Understanding Web Services Presented By: Woodas Lai.
Web Services Darshan R. Kapadia Gregor von Laszewski 1http://grid.rit.edu.

Web Services Darshan R. Kapadia Gregor von Laszewski 1http://grid.rit.edu.
Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.

Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.
WEB SERVICES DAVIDE ZERBINO.

WEB SERVICES DAVIDE ZERBINO.
Virtual Ticketing Agents using Web Services and J2EE Advisor: Dr. Chung-E-Wang Date: 05/06/03 Naveen Repala.

Virtual Ticketing Agents using Web Services and J2EE Advisor: Dr. Chung-E-Wang Date: 05/06/03 Naveen Repala.
Presentation 7 part 1: Web Services Introduced. Ingeniørhøjskolen i Århus Slide 2 Outline Definition Overview of Web Services Examples Next Time: SOAP.

Presentation 7 part 1: Web Services Introduced. Ingeniørhøjskolen i Århus Slide 2 Outline Definition Overview of Web Services Examples Next Time: SOAP.
Presentation 7: Part 1: Web Services Introduced. Outline Definition Overview of Web Services Examples Next Time: SOAP & WSDL.

Presentation 7: Part 1: Web Services Introduced. Outline Definition Overview of Web Services Examples Next Time: SOAP & WSDL.
Interactive Systems Technical Design Seminar work: Web Services Janne Ojanaho.

Interactive Systems Technical Design Seminar work: Web Services Janne Ojanaho.
Distributed components

Distributed components
A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that Web services are likely.

A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that "Web services are likely.
2006 IEEE International Conference on Web Services ICWS 2006 Overview.

2006 IEEE International Conference on Web Services ICWS 2006 Overview.

Similar presentations

Ads by Google