Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management

The OSI 7-layer model provides the means to meaningfully discuss the rationale of Web services security protocols, security layers, and how they are partitioned. The OSI stack identifies seven distinct layers for the facilitation of data communication. Each layer provides services to the next higher layer, including its primitives and associated data. Each layer relies on the next lower layer.

Although the OSI stack is a reference model rather than a description of real implementations, the representation of TCP/IP in the OSI structure forms the basis for any communication on the Internet. At the bottom, the Data Link and Physical layers represent the link between the host and the network. IP operates at the Network layer and TCP/IP at the Transport layer, delivering the virtual circuit for transporting packets. At the top, the Application, Presentation, and Session layers facilitate the user exchange of data.

In a Web services communication, security protocol mechanisms are applied between the Network and Transport layers. The Web services security stack, in conjunction with the OSI stack and its seven layers, is shown in Figure 11-1.

Figure 11-1. The OSI stack 7-layers and Web services security

Effectively, the end-to-end security of a Web services solution is addressed by three security layers that are clearly delineated with mechanisms and responsibilities for securing the Web services communication, messages, and their network infrastructure. The three security layers and their tasks and responsibilities are described in the following sections.

Network-Layer Security

Network-Layer Security works on the IP and TCP layers by providing perimeter security for the network infrastructure hosting the service and filtering out connections from unauthorized intruders. Network routers and firewall appliances make up this solution, and the protection is limited to connection attacks based on IP addresses, TCP ports, protocols, and packets.

Transport-Layer Security

Transport-Layer Security secures the communication and ensures data privacy, confidentiality, and integrity between the communicating endpoints. It ensures that the data transmitted and the sessions are protected from eavesdropping by unintended recipients. Applying cryptographic algorithms and adopting two-way SSL/TLS mechanisms make up this solution, which allows securing the transport and data exchanged on the wire by encrypting messages. During transit, it also guarantees that data transmitted is not accessible for viewing by unintended recipients or intermediaries.

Message-Layer Security

Message-Layer Security secures the Web services endpoint with application-specific security information in the form of XML metadata. In Web services communication, XML messages may contain malicious content from unauthorized parties that can pose a threat to the service endpoint. Traditional security mechanisms such as firewalls and HTTP/SSL do not examine XML content for content-level threats that can lead to a buffer overflow, SQL/XQUERY insertion, or XML-based denial-of-service (X-DoS). Incorporating message-level security allows defining application- or service-specific security as XML metadata or SOAP header blocks that represent information related to a user's identity, authentication, authorization, encryption/decryption, and digital signatures.
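
The following added example (not code from the book) sketches a message-layer screen that runs on the raw SOAP bytes after TLS termination, checking what a firewall or SSL cannot: it rejects DTDs, oversized or deeply nested XML, and messages without a WS-Security header block. The function name, the size and depth limits, and the sample messages are assumptions made for illustration.

```python
import xml.parsers.expat

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"          # SOAP 1.1
WSSE_NS = ("http://docs.oasis-open.org/wss/2004/01/"
           "oasis-200401-wss-wssecurity-secext-1.0.xsd")       # WS-Security 1.0
MAX_BYTES, MAX_DEPTH = 64 * 1024, 32                           # assumed limits
SECURITY_PATH = [f"{SOAP_NS} Envelope", f"{SOAP_NS} Header", f"{WSSE_NS} Security"]

class Rejected(Exception):
    """Raised inside parser callbacks to stop parsing immediately."""

def screen_soap(message: bytes) -> str:
    """Return 'accept' or 'reject: <reason>' for one raw SOAP message."""
    if len(message) > MAX_BYTES:
        return "reject: message too large"
    path, found = [], []
    def start(name, attrs):
        path.append(name)                 # name is "namespace-uri localname"
        if len(path) > MAX_DEPTH:
            raise Rejected("nesting too deep")
        if path == SECURITY_PATH:
            found.append(name)
    def doctype(*_):
        # A DOCTYPE is where entity-expansion X-DoS is declared; SOAP forbids it.
        raise Rejected("DTD not allowed")
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartElementHandler = start
    parser.EndElementHandler = lambda name: path.pop()
    parser.StartDoctypeDeclHandler = doctype
    try:
        parser.Parse(message, True)
    except Rejected as exc:
        return f"reject: {exc}"
    except xml.parsers.expat.ExpatError:
        return "reject: not well-formed"
    # Presence check only: signature and token verification happen downstream.
    return "accept" if found else "reject: no wsse:Security header"

# Constructed sample messages (not from the book).
def envelope(header: bytes, body: bytes = b"<getQuote/>") -> bytes:
    return (b'<s:Envelope xmlns:s="' + SOAP_NS.encode() + b'">' + header +
            b"<s:Body>" + body + b"</s:Body></s:Envelope>")

WITH_HEADER = envelope(b'<s:Header><w:Security xmlns:w="' + WSSE_NS.encode() +
                       b'"><w:UsernameToken/></w:Security></s:Header>')
UNSIGNED = envelope(b"")
WITH_DTD = b'<!DOCTYPE x [<!ENTITY a "b">]>' + WITH_HEADER
TOO_DEEP = envelope(b"", b"<a>" * 40 + b"</a>" * 40)
```

A screen like this only decides whether a message is safe to hand to the full parser; verifying the signature, token, and authorization carried in the Security header remains a separate step.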
