Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security.

Published byJodie McCarthy Modified over 8 years ago

Similar presentations

Presentation on theme: "Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security."— Presentation transcript:

1 Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security

2 16-2 10/8/2015 20:38 Outline 0 Web Services 0 Service Oriented Architectures 0 Web Services Description Language 0 UDDI 0 SOAP 0 WSDL with XML 0 Security 0 OASIS 0 Federated identity 0 Directions 0 http://www.service-architecture.com/articles/index.html

3 16-3 10/8/2015 20:38 Web Services Definition 0 Web Services refers to the technologies that allow for making connections. 0 Services are what you connect together using Web Services. 0 A service is the endpoint of a connection. 0 Also, a service has some type of underlying computer system that supports the connection offered. 0 The combination of services - internal and external to an organization - make up a service-oriented architecture.

4 16-4 10/8/2015 20:38 Service Oriented Architectures (SOA) 0 A service-oriented architecture is essentially a collection of services. 0 These services communicate with each other. 0 The communication can involve either simple data passing or it could involve two or more services coordinating some activity. Some means of connecting services to each other is needed. 0 Service-oriented architectures are not a new thing. The first service- oriented architecture for many people in the past was with the use DCOM or Object Request Brokers (ORBs) based on the CORBA specification. 0 If a service-oriented architecture is to be effective, we need a clear understanding of the term service. 0 A service is a function that is well-defined, self-contained, and does not depend on the context or state of other services

5 16-5 10/8/2015 20:38 Service Oriented Architectures 0 The technology of web services is the most likely connection technology of service-oriented architectures. 0 Web services essentially use XML Technology create a robust connection. 0 A service consumer sends a service request message to a service provider 0 The service provider returns a response message to the service consumer. 0 The request and subsequent response connections are defined in some way that is understandable to both the service consumer and service provider. 0 A service provider can also be a service consumer.

6 16-6 10/8/2015 20:38 Web Services Description Language 0 The Web Services Description Language (WSDL) forms the basis for Web Services. The steps involved in providing and consuming a service are: -A service provider describes its service using WSDL. This definition is published to a directory of services. The directory could use Universal Description, Discovery, and Integration (UDDI). Other forms of directories can also be used. -A service consumer issues one or more queries to the directory to locate a service and determine how to communicate with that service. -Part of the WSDL provided by the service provider is passed to the service consumer. This tells the service consumer what the requests and responses are for the service provider. -The service consumer uses the WSDL to send a request to the service provider. -The service provider provides the expected response to the service consumer.

7 16-7 10/8/2015 20:38 UDDI 0 The UDDI registry is intended to eventually serve as a means of "discovering" Web Services described using WSDL. 0 The idea is that the UDDI registry can be searched in various ways to obtain contact information and the Web Services available for various organizations. 0 UDDI registry is a way to keep up-to-date on the Web Services your organization currently uses 0 Alternative to UDDI is ebXML Directory

8 16-8 10/8/2015 20:38 SOAP 0 All the messages are sent using SOAP. (SOAP at one time stood for Simple Object Access Protocol; Now, the letters in the acronym have no particular meaning.) 0 SOAP essentially provides the envelope for sending the Web Services messages. 0 SOAP generally uses HTTP, but other means of connection may be used. 0 HTTP is the familiar connection we all use for the Internet. 0 It is the pervasiveness of HTTP connections that will help drive the adoption of Web Services.

9 16-9 10/8/2015 20:38 WDSL with XML 0 WSDL uses XML to define messages. 0 XML has a tagged message format. 0 Both the service provider and service consumer use these tags. 0 In fact, the service provider could send the data in any order. 0 The service consumer uses the tags and not the order of the data to get the data values.

10 16-10 10/8/2015 20:38 Security 0 Security and authorization is a important topic with Web Services. 0 In fact, security and authorization specifications are currently in flux. This is often the reason cited for not proceeding with any work related to Web Services. Therefore, we need experimentation. 0 Much can be done without having the specifications complete. Nearly all organizations should be able to find some areas to experiment with Web Services that have low requirements for security and authorization.

11 16-11 10/8/2015 20:38 Security 0 Security and authorization specifications include: -eXtensible Access Control Markup Language (XACML) -eXtensible Rights Markup Language (XrML) -Security Assertion Markup Language (SAML) -Service Protection Markup Language (SPML) -Web Services Security (WSS) -XML Common Biometric Format (XCBF) -XML Key Management Specification (XKMS)

12 16-12 10/8/2015 20:38 Security 0 Firewalls -Specialized XML firewalls offer the promise of protecting internal systems when using Web Services. -Traditional firewalls offer protection at the packet level and do not examine the contents of messages. - XML firewalls, on the other hand, examine the contents of messages. This includes the SOAP headers and the XML content. -They are designed to permit authorized content to pass through the firewall.

13 16-13 10/8/2015 20:38 Security: Examples XACML, SAML, WSS 0 XACML (OASIS Spec) -eXtensible Access Control Markup Language (XACML) provides fine grained control of authorized activities, the effect of characteristics of the access requestor, the protocol over which the request is made, authorization based on classes of activities, and content introspection. 0 SAML (OASIS Spec) -It is an XML framework for exchanging authentication and authorization information. It is used with WSS 0 WSS (OASIS Spec) -It describes enhancements to SOAP messaging in order to provide quality of protection through message integrity, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies.

14 16-14 10/8/2015 20:38 OASIS 0 Organization for the Advancement of Structured Information Standards (OASIS) 0 OASIS is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. 0 Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. 0 OASIS produces worldwide standards for security, Web Services, XML conformance, business transactions, electronic publishing, topic maps, and interoperability within and between marketplaces. OASIS also hosts XML.org, which provides information about the application of XML, and The Cover Pages which is a reference collection supporting the SGML/XML family of markup language standards and their application.

15 16-15 10/8/2015 20:38 Federated Identity 0 Federated identity allows users to link identity information between accounts without centrally storing personal information. 0 Also, users can control when and how their accounts and attributes are linked and shared between domains and Service Providers, allowing for greater control over their personal data. 0 In practice, this means that users can be authenticated by one company or Web site and be recognized and delivered personalized content and services in other locations without having to re-authenticate or sign on with a separate username and password. 0 Standards include Identity Web Services Framework (I-WSF)

16 16-16 10/8/2015 20:38 Directions 0 Security for Web Services and Service Oriented Architectures 0 Confidentiality, Privacy and Trust Management for SOA 0 Model, Policy Language, Risk Analysis and Economics

Download ppt "Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security."

Similar presentations

0 McLean, VA August 8, 2006 SOA, Semantics and Security.

0 McLean, VA August 8, 2006 SOA, Semantics and Security.
Web Service Architecture

Web Service Architecture
Siebel Web Services Siebel Web Services March, From

Siebel Web Services Siebel Web Services March, From
Overview of Web Services

Overview of Web Services
Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group

Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group
UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
General introduction to Web services and an implementation example

General introduction to Web services and an implementation example
Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.

Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.
Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.

Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.
1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.

1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.
NHIN Specifications Richard Kernan, NHIN Specification Lead (Contractor), Office of the National Coordinator for Health IT Karen Witting, Contractor to.

NHIN Specifications Richard Kernan, NHIN Specification Lead (Contractor), Office of the National Coordinator for Health IT Karen Witting, Contractor to.
A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that Web services are likely.

A New Computing Paradigm. Overview of Web Services Over 66 percent of respondents to a 2001 InfoWorld magazine poll agreed that "Web services are likely.
Slide 1 EE557: Server-Side Development Lecturer: David Molloy Room: XG19 Mondays 10am-1pm Notes:

Slide 1 EE557: Server-Side Development Lecturer: David Molloy Room: XG19 Mondays 10am-1pm Notes:
Grid Computing, B. Wilkinson, 20043a.1 WEB SERVICES Introduction.

Grid Computing, B. Wilkinson, 20043a.1 WEB SERVICES Introduction.
Web Services Andrea Miller Ryan Armstrong Alex. Web services are an emerging technology that offer a solution for providing a common collaborative architecture.

Web Services Andrea Miller Ryan Armstrong Alex. Web services are an emerging technology that offer a solution for providing a common collaborative architecture.
Web services security I

Web services security I
Web Service What exactly are Web Services? To put it quite simply, they are yet another distributed computing technology (like CORBA, RMI, EJB, etc.).

Web Service What exactly are Web Services? To put it quite simply, they are yet another distributed computing technology (like CORBA, RMI, EJB, etc.).
Web services A Web service is an interface that describes a collection of operations that are network-accessible through standardized XML messaging. A.

Web services A Web service is an interface that describes a collection of operations that are network-accessible through standardized XML messaging. A.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.

Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.

Similar presentations

Ads by Google