Presentation is loading. Please wait.

Presentation is loading. Please wait.

X.509 support in WCF Exploring support for X.509 Certificates in Microsoft’s Windows Communication Foundation Paul Cormier UCCS CS591 Fall 2009.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "X.509 support in WCF Exploring support for X.509 Certificates in Microsoft’s Windows Communication Foundation Paul Cormier UCCS CS591 Fall 2009."— Presentation transcript:

1 X.509 support in WCF Exploring support for X.509 Certificates in Microsoft’s Windows Communication Foundation Paul Cormier UCCS CS591 Fall 2009

2 12/8/2009Paul Cormier - X.509 Support in WCF 2 Right to the point… WCF allows you to specify a service Certificate with which it will use to decrypt SOAP messages sent from clients, and to sign messages sent to clients. It allows you to accept a client Certificate with which it will use to encrypt SOAP messages sent to clients and read signatures on SOAP messages sent from clients.

3 12/8/2009Paul Cormier - X.509 Support in WCF 3 WCF allows you to specify transport level protocol such as HTTPS (TLS/SSL), and the service Certificate that it uses to send SOAP messages in this manner. WCF allows you to specify that a client Certificate to be used for Identification and provides an Identity support class. WCF allows you to specify how Certificates should be trusted, either by its inclusion in your certificate store, chain trust in the CA signature or either.

4 12/8/2009Paul Cormier - X.509 Support in WCF 4 Certificate Validation, including support for custom validation. WCF allows you to set up a Hybrid Public/Symmetric key ‘conversation.’.Net Framework includes an entire namespace to support X.509 Certificates: System.Security.Cryptography.X509Certificates

5 12/8/2009Paul Cormier - X.509 Support in WCF 5 Overview 1.What is WCF 2.X.509 is standard specifying a Public Key Infrastructure (PKI). 3.Three certificates (CA, Service, Client) 4.WCF ABCs. 5.WCF Authentication, Authorization, Transfer Security, Identity Management 6.Example

6 12/8/2009Paul Cormier - X.509 Support in WCF 6 What is WCF Microsoft.Net framework API that unifies many existing standards: WS-Addressing, WS-ReliableMessaging, WS-Security etc. Uses SOAP messages Supports a number of different protocols Compatible with non-Microsoft web services and clients Service Oriented Architecture A WCF Service is composed of Service class, hosting environment and one or more Endpoints

7 12/8/2009Paul Cormier - X.509 Support in WCF 7 Endpoint = ABC Address (where is service) http://localhost:8000/servicename Binding (how do I talk to it) WSHttpBinding Contract (what can it do) [ServiceContract] [DataContract] [OperationContract] [FaultContract]

8 12/8/2009Paul Cormier - X.509 Support in WCF 8 WCF Authentication (who) Who are you (client, server)? Authentication Types: None, Windows authentication, Username and Password, X.509 Certificate, Issued Token, Custom For Certificate, the local Cert Store is checked. IIdentity interface.

9 12/8/2009Paul Cormier - X.509 Support in WCF 9 WCF Authorization (what) What does the client have access to do? Windows Groups (default) ASP.Net Membership provider (SQL Server) WCF provides IPrincipal interface and some implementing classes.

10 12/8/2009Paul Cormier - X.509 Support in WCF 10 WCF Transfer Security (how) How are messages secured while in transit? Transfer Security types: None, Transport, Message, Mixed, Both Message: end to end, slower, more complicated Transport: fast, hop-to-hop

11 12/8/2009Paul Cormier - X.509 Support in WCF 11 Identity Management The identity under which the code is ran. Can be mixed (calling user, id that service is running as) Special internal IIdentity class for X.509 Certificate Identity stored in IPrincipal implementation.

12 12/8/2009Paul Cormier - X.509 Support in WCF 12 B2B Example

13 12/8/2009Paul Cormier - X.509 Support in WCF 13 References Lowy, Juval; Programming WCF Services, Oreilly Improving Web Services Security, Scenarios and Implementation Guidance for WCF, Patterns and Practices series (WcfSecurityGuide.pdf), Microsoft Web Service Security; Scenarios, Patterns and Implementation Guidance for Web Services Enhancements (WSE) 3.0, Patterns and Practices series (MS_WSS_Dec_05.pdf), Microsoft Bustamante, Michele Leroux; Fundamentals of WCF Security; http://www.code- magazine.com/article.aspx?quickid=0611051http://www.code- magazine.com/article.aspx?quickid=0611051 Also… Wikipedia, various MSDN articles.

Download ppt "X.509 support in WCF Exploring support for X.509 Certificates in Microsoft’s Windows Communication Foundation Paul Cormier UCCS CS591 Fall 2009."

Similar presentations

The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.

The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
Experience Building and Supporting Secure Ad Hoc Collaborations Deb Agarwal Lawrence Berkeley National Laboratory Ad Hoc Collaboration - Internet2 Fall.

Experience Building and Supporting Secure Ad Hoc Collaborations Deb Agarwal Lawrence Berkeley National Laboratory Ad Hoc Collaboration - Internet2 Fall.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
VAR318: Developing Service Oriented Workflows Brian Noyes IDesign Inc (www.idesign.net)www.idesign.net

VAR318: Developing Service Oriented Workflows Brian Noyes IDesign Inc (
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Core Web Service Security Patterns

Core Web Service Security Patterns
Windows Communication Foundation and Web Services.

Windows Communication Foundation and Web Services.
© 2007 Charteris plc20 June 2015 1 1 Extending Web Service Security with WS-* Presented by Chris Seary MVP Charteris plc, 39-40 Bartholomew Close, London.

© 2007 Charteris plc20 June Extending Web Service Security with WS-* Presented by Chris Seary MVP Charteris plc, Bartholomew Close, London.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
The Microsoft Technical Roadshow 2006 Windows Communication Foundation Mike Taulty Developer & Platform Group Microsoft Ltd

The Microsoft Technical Roadshow 2006 Windows Communication Foundation Mike Taulty Developer & Platform Group Microsoft Ltd
Prashanth Kumar Muthoju

Prashanth Kumar Muthoju
Module 13: WCF Receive Adapters. Overview Lesson 1: Introduction to WCF Receive Adapters Lesson 2: Configuring a WCF Receive Adapter Lesson 3: Using the.

Module 13: WCF Receive Adapters. Overview Lesson 1: Introduction to WCF Receive Adapters Lesson 2: Configuring a WCF Receive Adapter Lesson 3: Using the.
Getting Started with Windows Communication Foundation 4.5 Ed Jones, MCT, MCPD, MCTS Consultant RBA Inc.

Getting Started with Windows Communication Foundation 4.5 Ed Jones, MCT, MCPD, MCTS Consultant RBA Inc.
Getting Started with WCF Windows Communication Foundation 4.0 Development Chapter 1.

Getting Started with WCF Windows Communication Foundation 4.0 Development Chapter 1.
JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.

JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.
X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.

X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.
X.509 Certificate management in.Net By, Vishnu Kamisetty

X.509 Certificate management in.Net By, Vishnu Kamisetty
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Web Service Standards, Security & Management Chris Peiris www.ChrisPeiris.com.

Web Service Standards, Security & Management Chris Peiris

Similar presentations

Ads by Google