Presentation is loading. Please wait.

Presentation is loading. Please wait.

6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy.

Similar presentations

Presentation on theme: "6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy."— Presentation transcript:

1 6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy

2 6/28/20152 Introduction Humans can read web pages and understand them, but their inherent meaning is not shown in a way that allows their interpretation by a computer (program). One way to enable machine-to-machine exchange and automated processing is to provide the information in such as way that computers can understand it. This is precisely the objective of the semantic web. The next generation of the Web will combine existing Web technologies with knowledge representation formalisms.

3 6/28/20153 Semantic Web Services Web Services WWW Semantic Web Semantic Web Services dynamic static

4 6/28/20154 RDF, OWL, WSDL-S RDF is a standard for creating descriptions of information. RDF is for simple semantics. OWL provides a language for defining structured web-based ontologies which allows a richer integration and interoperability of data among communities and domains. WSDL-S establishes a mapping between WSDL descriptions and ontological concepts.

5 6/28/20155 WSDL-S Example Semantics can be added to operations, messages, preconditions and efforts xmlns:sm=

6 6/28/20156 Authoring Tool for WSDL-S To create, represent, and manipulate WSDL- S documents WSDL4J can be used. WSDL4J provides Java APIs for WSDL parsing and generation. WSDL4J supports extensibility elements providing an easy mechanism to add new extensions.

7 6/28/20157 Web Services Security Background Standards are proposed or accepted regarding authentication, encryption, and identity management. RSA encryption, XML signatures, SAML – Security Assertion Markup Language There are 5 fundamental areas to consider: Message level protection, Message privacy, parameter checking, authentication, and authorization. This is application layer security (not network layer security).

8 6/28/20158 Application of RSA Lets say a person in Atlanta wants to send a message M to a person in Buffalo: Atlanta encrypts message using Buffalo’s public key B  E(M,B) Only Buffalo can read it using it private key b: E(b, E(M,B))  M In other words for any public/private key pair determined as previously shown, the encrypting function holds two properties: E(p, E(M,P))  M E(P, E(M,p))  M

9 6/28/20159 How can you authenticate “sender”? In real life you will use signatures: we will look at concept of digital signatures next. Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key: E(B,E(M,a)) Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message: E(b, E(B,E(M,a))  E(M,a) E(A,E(M,a))  M

10 6/28/201510 Digital Signatures Strong digital signatures are essential requirements of a secure system. These are needed to verify that a document is: Authentic : source Not forged : not fake Non-repudiable : The signer cannot credibly deny that the document was signed by them.

11 6/28/201511 Digest Functions Are functions generated to serve a signatures. Also called secure hash functions. It is message dependent. Only the Digest is encrypted using the private key.

12 6/28/201512 Alice’s bank account certificate 1.Certificate type:Account number 2.Name:Alice 3.Account:6262626 4.Certifying authority:Bob’s Bank 5.Signature:{Digest(field 2 + field 3)} K Bpriv

13 6/28/201513 Digital signatures with public keys

14 6/28/201514 Message Privacy Deals with confidentiality of messages. Message header has token and signature. Typically WS are chained together to form a complex service. In this situation we need end-to-end encryption schemes. Scheme such as SSL will not suffice. Solution: XML encryption allows for encryption of any combination of the message body, header, attachments, and sub-structures.

15 6/28/201515 XML Signature Service requestor encrypts the message and the signature information in the header it may specify in the header that it used providers public key. Private key of the provider is then used decrypt the XML request. XML Encryption allows for multiple keys to be used for encrypting different sections thus allowing intermediaries to access parts of the message.

16 6/28/201516 Message level Protection Message level protection has to with message integrity. How do assure that the message has not been modified? This is done by creating a message digest. Digest is a cryptographic checksum of an octet stream which is created using an algorithm, say, SHA-1 algorithm. Provider gets the message, its digest as signature and type of algorithm used to create the digest. It creates the digest and compares with the one from the sender and verifies the integrity of the messages.

17 6/28/201517 Message validity Message validity is ensuring that the contents of a message are appropriate to the service and that they are well formed. You check the types used and operations used are valid. SQL injection is a common malicious code. Typical identification method is to look for “;’ (semicolon) that allows for SQL commands to follow.

18 6/28/201518 Authentication Authentication is verifying that the requester is who he/she claims to be. In a typically closed environment: user name / password If the sender previously unknown: send credential to verify oneself. Trusted authorities issues certificates that can be used as credential. (Verified by Verisign)

19 6/28/201519 Authorization In any organization, data located may have levels of sensitivity. Ex: grades and student personal information in a university: Infosource at UB. Authorization is granting of rights which includes the granting of access based on access rights. This typically takes place after authentication. Three most common access control implementations: Access matrix Access Control List (ACL) Role Based Access Control (RBAC)

20 6/28/201520 Access Matrix A general model of access control as exercised by a file or database management system is that of an access matrix. Basic elements of the model are: Subject: An entity capable of accessing objects. The concept of subject equates that of a process. Object: Anything to which access is controlled. Ex: files, programs, segments of memory. Access right: The way in which an object is accesses by the subject. Examples: read, write, and execute.

21 6/28/201521 Access Matrix (contd.) userA userB userC File 1 File 2File 3 File 4 Acct1 Acct2 Printer1 Own R, W Own R, W Own R, W Own R, W R R WR Inquiry Credit Inquiry Credit Inquiry Debit Inquiry Debit P

22 6/28/201522 Access Matrix Details Row index corresponds to subjects and column index the objects. Entries in the cell represent the access privileges/rights. In practice, access matrix is quite sparse and is implemented as either access control lists (ACLs) or capability tickets.

23 6/28/201523 ACLs Access matrix can be decomposed by columns, yielding access control lists. For each object access control list lists the users and their permitted access rights. The access control list may also have a default or public entry to covers subjects that are not explicitly listed in the list. Elements of the list may include individual as well group of users.

24 6/28/201524 WS Security Access Control Scheme name/password access token associated with each process object indicating privileges associated with a user security descriptor access control list used to compare with access control list for object

25 6/28/201525 Access Token (per user/subject) Security ID (SID) Group SIDs Privileges Default Owner Default ACL

26 6/28/201526 Security Descriptor (per Object) Flags Owner System Access Control List (SACL) Discretionary Access Control List (DACL)

27 6/28/201527 Access Control List ACL Header ACE Header Access Mask SID ACE Header Access Mask SID......

28 6/28/201528 Access Mask Generic All Generic Execute Generic Write Generic Read Access System Security Maximum allowed Delete Read Control Write DAC Write Owner Synchronize Generic Access Types Standard Access Types Specific Access Types

29 6/28/201529 Access Control Using ACLs When a process attempts to access an object, the object manager in security executive reads the SID and group SIDs from the access token and scans down the object’s DACL. If a match is found in SID, then the corresponding ACE Access Mask provides the access rights available to the process.

30 6/28/201530 RBAC In 2004 the National Institute of Standards and Technology (NIST) published a standard for defining the features of the Role Based Access Control (RBAC). Two parts: (i) Reference model and (ii) System and Administrative functions. Reference model: objects, operations, permissions, roles and users (in-band artifacts) Administrative model: system functionality, administrative operations and reviews.

31 6/28/201531 RBAC Details RBAC starts with Permission sets. Permission express a privilege to access a resource. Examples of permission: “create a file”, “access grades information” (ublearns) Next steps is defines Roles and assigning permissions to Roles. Examples of roles: “Physician”, “Reviewer” Scenario driven approach is typically used to connect roles to permissions. Upper level ontology in SWS should map Users, Roles, Groups etc. to the ontology.

Download ppt "6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy."

Similar presentations

Ads by Google