Web Service Security Through A Guard. Roxanne Yee. Home Institution: University of Hawaiʻi at Mānoa. Internship Site: Akimeka, LLC. Mentor: Marc Lefebvre.


1 Web Service Security Through A Guard
Roxanne Yee
Home Institution: University of Hawaiʻi at Mānoa
Internship Site: Akimeka, LLC
Mentor: Marc Lefebvre
Advisor: Todd Lawson

2 Presentation Overview
- Project Hierarchy and Motivation
- Background and Terminology
- Guard
- Web Service Security
- My Specific Part
- Test Bench
- An Example
- Questions

3 [Diagram]
- Information Assurance (IA) Group
- Cross Domain Solutions (CDS) Group
- GWSG (Global Web Services Gateway) Project
- Service Oriented Architecture (SOA) Test Lab
- Customers
  - National Security Agency (NSA)
  - Defense Information Systems Agency (DISA)

4 GWSG Project Motivation
Goal
- To enhance the capabilities of a user on a classified network to gain immediate access to data available on an unclassified network
[Diagram: Unclassified Database, Classified Network, User]

5 GWSG Project Motivation
One Method Currently Used To Access Data
[Diagram: Unclassified Database, Classified Database, Classified Network, User (Soldier), Sneaker-net]

6 GWSG Project Motivation
Disadvantages to Current Methods
- Redundancies of Data
- Time Costly
- Replication
- Transportation
- Need For Data Synchronization
- Frequent Updates
- No Guarantee of Data Availability
- Extra Manpower by Man-In-The-Loop

7 GWSG Project Motivation
New Cross Domain Solution (CDS)
- Web Services Technology
[Diagram: Unclassified Database, Classified Network, User (Soldier), Guard]

8 SOA Test Lab Component
Goal
- Evaluate Guards Specified by NSA and DISA
- Compare capability and effectiveness to process message formats used by web services today
- Provide the best guard solution given a specific situation in which the guard would be applied

9 My Part In The SOA Test Lab
- Research and Document How To Implement Web Service Security
- Controlled and Predictable Environment
- Test Web Service
- Findings To Be Used In SOA Test Lab
- Foundation
- Template

10 WSS, SOAP, and HTTP
- WSS or WS-Security (Web Service Security)
  - OASIS (Organization for the Advancement of Structured Information Standards)
  - Applied to SOAP Messages
- SOAP (Simple Object Access Protocol)
  - Message Format
- HTTP (Hypertext Transfer Protocol)
  - Transport Protocol

11 The Project: Test Bench
- Client and Server on same computer
- Communicate through localhost interface
[Diagram: Client (soapUI), Server (Axis2); * SOAP Request and SOAP Response]

12 The Project: Open-Source Software
- Server Side
  - Tomcat 6.0.16
  - Axis2 1.4
  - Rampart 1.4
- Client Side
  - soapUI 2.0.2

13 The Project: Test Bench
- Client and Server on same computer
- Communicate through localhost interface
[Diagram: Client (soapUI), Server (Axis2); * SOAP Request with WSS]

14 soapUI Outgoing Configuration
Interface Used to Apply WSS to Request To Server

15 A SOAP Message Request w/o WSS
Hello?
Usual Request soapUI Sends w/o WSS

16 A SOAP Message Request Header with WSS
<wsse:UsernameToken wsu:Id="UsernameToken-22786527" xmlns:wsu="http://…utility-1.0.xsd">
alice
bobPW
Additional WSS Information Applied To Usual Request
[Diagram label: soapUI]

17 The Project: Test Bench
- Client and Server on same computer
- Communicate through localhost interface
[Diagram: Client (soapUI), Server (Axis2); * SOAP Response with WSS]

18 services.xml Without Rampart
<messageReceiver class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
org.apache.rampart.samples.policy.sample01.SimpleService
Usual Configuration Scheme For A Service on The Server

19 services.xml with Rampart
<sp:UsernameToken sp:IncludeToken="http://…/IncludeToken/AlwaysToRecipient"/>
username
org.apache.rampart.samples.policy.sample01.PWCBHandler
Additional Code To Tell Rampart What Type of WSS To Expect

20 The Project: Test Bench
- Client and Server on same computer
- Communicate through localhost interface
[Diagram: Client (soapUI), Server (Axis2); * SOAP Messages with WSS]

21 The Project: Ultimate Purpose
[Diagram: Client (soapUI), Server (Axis2), localhost, Classified, Unclassified, Guard, XML Firewall, XML Firewall]
* SOAP over HTTP with WSS
* Proprietary Format over Proprietary Protocol

22 WSS Mechanisms Attempted
- User Name Token
  - Username and Password
- Timestamp
  - Time to Live
- Encryption
  - Confidentiality
- Signature
  - Integrity and Authentication

23 An Example: Test Web Service
[Diagram: Client, Server, "Hi!"]

24 An Example: Valid User Name Token
[Diagram: Client, Server; Correct Username And Password; Echo]

25 An Example: Invalid User Name Token
[Diagram: Client, Server; Incorrect Username And/Or Password; Error]

26 An Example: Test Results

Username    Password    Result
Correct     Correct     Echo
Incorrect   Incorrect   Error
Blank       Blank       Error
Correct     Incorrect   Error
Correct     Blank       Error
Incorrect   Correct     Error
Incorrect   Blank       Error
Blank       Correct     Error
Blank       Incorrect   Error
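
The User Name Token check behind these results, as an added example that is not part of the original presentation and is not Rampart's code: a Python sketch that extracts the wsse:UsernameToken from a SOAP request header and returns an echo or an error. The credential store (alice/bobPW, the values shown on slide 16), the `echo` body element, the "Incorrect" sample values and all function names are assumptions; the envelopes are constructed.

```python
import hmac
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Standard SOAP 1.1 and OASIS WS-Security 1.0 namespaces.
SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
NS = {"soap": SOAP, "wsse": WSSE}
# Assumed credential store; alice/bobPW are the values shown on slide 16.
EXPECTED = {"alice": "bobPW"}

def build_request(username, password, body="Hi!"):
    """Constructed sample envelope carrying a plaintext UsernameToken."""
    return (
        f'<soap:Envelope xmlns:soap="{SOAP}" xmlns:wsse="{WSSE}">'
        "<soap:Header><wsse:Security><wsse:UsernameToken>"
        f"<wsse:Username>{escape(username)}</wsse:Username>"
        f"<wsse:Password>{escape(password)}</wsse:Password>"
        "</wsse:UsernameToken></wsse:Security></soap:Header>"
        f"<soap:Body><echo>{escape(body)}</echo></soap:Body></soap:Envelope>")

def check_username_token(envelope_xml):
    """Return ("Echo", body) for a valid token, ("Error", reason) otherwise."""
    try:
        root = ET.fromstring(envelope_xml)
    except ET.ParseError:
        return ("Error", "malformed XML")
    token = root.find("soap:Header/wsse:Security/wsse:UsernameToken", NS)
    if token is None:
        return ("Error", "no UsernameToken in header")
    user = token.findtext("wsse:Username", default="", namespaces=NS).strip()
    password = token.findtext("wsse:Password", default="", namespaces=NS)
    if not user or not password:
        return ("Error", "blank username or password")
    # Always run the constant-time compare, even for unknown users, so they
    # take the same code path as known ones.
    match = hmac.compare_digest(password.encode(),
                                EXPECTED.get(user, "").encode())
    if not (match and user in EXPECTED):
        return ("Error", "authentication failed")
    return ("Echo", root.findtext("soap:Body/echo", default="", namespaces=NS))

def run_matrix():
    """Evaluate the nine username/password combinations from the results."""
    vals = {"Correct": ("alice", "bobPW"), "Incorrect": ("mallory", "nope"),
            "Blank": ("", "")}
    return {(u, p): check_username_token(build_request(vals[u][0], vals[p][1]))[0]
            for u in vals for p in vals}
```

`run_matrix()` returns "Echo" only for the Correct/Correct pair and "Error" for the other eight, matching the table.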

27 Actual SOA Test Lab Setup

28 Acknowledgements
- VP Operations: Matt Granger
- Program Manager: Todd Lawson
- Mentor: Marc Lefebvre
- GWSG: Bryan Berkowitz, Casey McGinty, Scott Oshita, Christopher Paris, Derek Terawaki
- Helpful Coworkers: Conrado Cortez, Deanna Garcia, Mark Mizubayashi
- Former Cubiclemates: Ellen Federoff, Kelly Ledford
- And Everyone Else Who Made Me Feel Welcome!

29 Acknowledgements
- Maui Akamai Internship Program
- Funding
  - Center for Adaptive Optics (CfAO) National Science Foundation and Technology Center Grant (#AST-987683)
  - Akamai Workforce Initiative National Science Foundation Grant and Air Force Office of Scientific Research Grant (#AST-0710699)
  - University of Hawaiʻi Grant
- Program Staff: Lisa Hunter, Lani LeBron, Scott Seagroves, Lynne Raschke
- Short Course Instructors: Dave Harrington, Ryan Montgomery, Isar Mostafanezhad, Mark Pitts, Sarah Sonnet
- And Everyone Else Who Contributed To This Valuable Experience!

30 Thank you! Any Questions?

