Presented to: TIM Participants By: Dominic (Bud) Timoteo Date: May 4, 2011 Federal Aviation Administration SWIM Laboratory Update Demonstrations and Prototypes.

Presentation transcript:

Presented to: TIM Participants By: Dominic (Bud) Timoteo Date: May 4, 2011 Federal Aviation Administration SWIM Laboratory Update Demonstrations and Prototypes TIM 7

2 SWIM Laboratory consists of 2 facilities:
  –SIF (SWIM Integration Facility)
  –SPF (SWIM Prototype Facility)

3 SWIM Integration Facility
SWIM COTS Products Repository
SWIM COTS & FOSS Working Group
NAS Services Registry Repository (NSRR)
Other:
  –SWIM Wiki
  –Security & Vulnerability Analysis of SWIM Products
  –Support Segment 2 User prototypes
SIF (SWIM Integration Facility) SPF (SWIM Prototype Facility)

4 Product Inventory – Functional
SWIM Products / Open Source Software / Proprietary Software
WS Stack: Fuse Services Framework*; Artix ESB
SC Enterprise Integration Patterns (EIP): Fuse Mediation Router*; Fuse ESB*
Message Oriented Middleware (MOM): Fuse Message Broker*
Enterprise Service Bus (ESB): Fuse ESB*
System Management Subsystem (SMS): Fuse HQ*, Artix Enterprise Management Plug-in
Information Grid: Data eXtend Semantic Integrator (DXSI)
COTS Product Repository: Nexus
OSGI runtime endpoint management: ARTIX Reg/Rep (Depot)
Registry/Repository: HP-soa-systinet-eclipse-plugin; HP-soa-systinet-visual-studio-plugin; HP SOA Systinet; HP SOA Registry
Security: Artix Connect for WCF, Artix Security
Development Tools/Environment: Eclipse, Ant, Maven; Fuse Integration Designer
SOA Test Tools: soapUI, Actional Diagnostics; iTKO Lisa*, Actional Team Server*
Available from COTS Repository (
Available on SWIM ftp (ftp://swimftp.tc.faa.gov)
* Products being used by SIPs

5 SWIM COTS & FOSS Working Group
WG is the vehicle to:
  –Select Fuse product versions that SWIM supports
  –Facilitate Fuse issue info exchange & resolution
  –Decide need for Fuse improvements
  –Disseminate product info and track SIP use of SWIM products
Facilitate monthly meetings
Generate and Maintain:
  –SWIM FUSE Issue Tracker (weekly updates to SWIM wiki)
  –SWIM COTS Products Status Report (monthly)
  –COTS Products Management Plan (annually)
System Wide Information Management (SWIM) Commercial Off The Shelf and Open Source Products Status Report April 27, 2011

7 NAS Services Registry Repository
Administer & Maintain HP SOA Systinet Application
Support users
User documentation
  –Publishers Guide
  –Consumers Guide
  –Administrators Guide
Work with SWIM Governance to assure NSRR compliant with SWIM policies

8 NSRR
The NAS Services Registry Repository provides a wide range of functionality

9 SWIM Service Lifecycle Management
The SWIM Registry/Repository accommodates a custom lifecycle management process

10 SWIM Registry Service Creation
The SWIM Registry/Repository business service consists of many artifacts

11 Other Implementation Tasks
Administer & Maintain SWIM Wiki
Security & Vulnerability Analysis of SWIM Products using Veracode – initial trial scan of Fuse Message Broker executable
Work with SWIM Test & COTSWG & AWG to add SIP-related tests to FUSE verification activity
Support Segment 2 User prototypes (AIM Common Status and Structure Data Program)
Provide facility for SWIM Test

12 SWIM Prototype Facility

13 SWIM Security Reference Implementation (SSRI)
Demonstrate securing Web Services at multiple levels
  –Transport (securing communication)
  –Endpoint (securing access to service)
  –Message (provide integrity, non-repudiation, etc.)
  –Business Logic (ex: restricted access to service operation)
  –Data (securing data, meta-data)
Demonstrate integration with enterprise level components and appropriate technologies
  –Authentication & Authorization (LDAP, X.509 certificates, SAML)
  –Key management (PKI, X.509 certificates)
  –Java Authentication & Authorization Service (JAAS)
  –Spring Security
Provide secure Web Service example (code, configurations), client, and example components

14 OAuth Prototype
Single Sign On / UI
  –Evaluate use of OAuth 2.0 for common login infrastructure (contrast with SAML, etc.) for applications that reside within the NAS
Messaging
  –Evaluate use of ‘two-legged’ OAuth for message level security (REST only)
  –Evaluate interplay with WS-Security, ‘boundary-crossings’
Common (SSO + Messaging)
  –Develop/adopt standard format for user attribute exchange (e.g., OpenID Connect)
  –Evaluate OAuth-based representation of NAS internal attribute authority

15 Recent Work
Segment 2 Prototypes
  –SWIM Security Reference Implementation
      Updated to include FUSE ESB 4.2
      Implemented Binary Security Token (BST) security profile
      Implemented Username Token security profile
      Implemented Transport Layer Security (TLS)
      Updated Build Guide documentation
  –OAuth Prototypes
      Completed Sprint 1 and 2
      Design/Develop screens to set up target applications
      Design/Develop user registration screens

16 Messaging Prototype
Pub/Sub & Send/Receive Semantics
Reliable Messaging
Enterprise Routing
  –Content-based Routing
Message Mediation
Message Transport
Message Security
  –Service and Destination Authorization
  –Message-Level Integrity and Confidentiality

17 Recent Work
Messaging Prototype
  –Prototype Plan
  –Implement JMS broker network
  –Implement SAN-based clustering and persistence
  –Implement simulated SIP clients
  –Document broker cluster and network configuration

18 Recent Work
IKM
  –XML Gateway Requirements
  –XML Gateway
      Mutual TLS configuration for incoming connections using self-signed certificates
      Authentication of incoming messages via Username Token
      Authentication of incoming messages via Binary Security Token
      Authentication of incoming messages via SAML Authentication
      Insertion of SAML AuthN Assertions into outgoing messages
  –Developed draft IKM Requirements
  –Developed rough draft of IKM CONOPs

19 Conformance Test Kit – (CTK)
Measure and report on conformance against:
  –The four security profiles defined in SWIM WS-Security Specification
  –WS-I Basic Security Profile
Measure conformance across a set of test scenarios
Support stateful evaluation of messages
  –Recognize replay scenarios
  –Evaluate the response in the context of the request
Allow the CTK to participate both actively and passively
  –As a web-service proxy
  –As a web service provider
  –As a web service client
  –As a web service intermediary
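
Added example (not part of the original slides and not CTK code): one way a stateful evaluator can recognize replay of a WS-Security Username Token message, by caching each Username/Nonce pair for as long as its Created timestamp is considered fresh. The 5-minute window, the names ReplayDetector and sample_message, and the verdict strings are assumptions made for illustration; the sample messages are constructed.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {"wsse": WSSE, "wsu": WSU}

class ReplayDetector:
    """Stateful check: remembers (username, nonce) pairs seen inside the freshness window."""
    def __init__(self, max_age=timedelta(minutes=5)):  # window length is an assumed value
        self.max_age = max_age
        self.seen = {}  # (username, nonce) -> Created timestamp

    def evaluate(self, soap_xml, now):
        # Constructed input only; parse untrusted traffic with a hardened XML parser.
        token = ET.fromstring(soap_xml).find(".//wsse:UsernameToken", NS)
        if token is None:
            return "no-token"
        user = token.findtext("wsse:Username", namespaces=NS)
        nonce = token.findtext("wsse:Nonce", namespaces=NS)
        created = token.findtext("wsu:Created", namespaces=NS)
        if not (user and nonce and created):
            return "incomplete"  # replay cannot be judged without Nonce and Created
        ts = datetime.fromisoformat(created.replace("Z", "+00:00"))
        ts = ts if ts.tzinfo else ts.replace(tzinfo=timezone.utc)
        if abs(now - ts) > self.max_age:
            return "stale"  # outside the window, so no cache entry is needed to reject it
        # Drop cache entries that have aged out so the state stays bounded.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= self.max_age}
        if (user, nonce) in self.seen:
            return "replay"
        self.seen[(user, nonce)] = ts
        return "fresh"

def sample_message(user, nonce, created):
    """Constructed SOAP 1.1 request carrying a UsernameToken (not captured traffic)."""
    return (
        '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" '
        f'xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}"><s:Header><wsse:Security>'
        f'<wsse:UsernameToken><wsse:Username>{user}</wsse:Username>'
        f'<wsse:Nonce>{nonce}</wsse:Nonce><wsu:Created>{created}</wsu:Created>'
        '</wsse:UsernameToken></wsse:Security></s:Header><s:Body/></s:Envelope>'
    )

def demo():
    now = datetime(2011, 5, 4, 12, 0, 30, tzinfo=timezone.utc)
    det = ReplayDetector()
    first = sample_message("sip-client", "bm9uY2UtMDAx", "2011-05-04T12:00:00Z")
    old = sample_message("sip-client", "bm9uY2UtMDAy", "2011-05-04T11:00:00Z")
    return [det.evaluate(first, now), det.evaluate(first, now), det.evaluate(old, now)]
```

The stale check is what allows the nonce cache to be pruned: a message older than the window is rejected on its timestamp alone, so its nonce no longer has to be remembered.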

20 Future - Security Prototype for Segment 2
Prototype combination of:
  –DNS – Seg 1+
  –NTP – Seg 1+
  –IKM – Seg 2, phase 1
  –SWIM Enterprise Messaging System (a.k.a. DEX) – Seg 2, phase 1
In planning stages
  –Drafted plan
  –Setting up lab connectivity with FTI