Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
The key factors related to security must be addressed in the Web services architecture as core security requirements. This ensures the ability to deliver a secure environment for conducting business transactions, processes, and collaboration. It is also important for Web services security to build on existing application security infrastructures and to integrate with them. Based on those critical factors, the key requirements that must be addressed in order to describe and deliver an end-to-end security architecture for Web services solutions are discussed in the following sections. Each of these security requirements plays an important role in designing a Web services architecture, and each is represented by an evolving set of Web services security standards and security infrastructure providers.

Authentication

Authentication enforces the verification and validation of the identities and credentials exchanged between the Web services provider and the consumer. The initiating service requester must be authenticated to prove its identity with reliable credentials. The credentials may be X.509 digital certificates, Kerberos tickets, or any security token used to validate the identity of the service requester. Depending upon the security requirements, it is also possible to deploy mutual authentication mechanisms, where both the service requester and the service provider exchange their credentials and validate them before initiating the communication. Using authentication mechanisms mitigates the risks associated with man-in-the-middle, identity-spoofing, and message-replay attacks.

Authorization and Entitlement

After authentication, it becomes crucial to control and monitor access to the service provider's resources. Authorization defines the rules and policies associated with the required access control to the resources. Upon successful authentication, a service requester requiring access to business services should be provided with specific access rights to resources. Service requesters' rights to resources should be monitored, and access should be granted or denied as appropriate.

Auditability and Traceability

Auditing and tracing allow monitoring and recording of the relevant life-cycle events and transactions performed by the service provider based on the requests made by the consumer. Auditing and tracing ensure that the initiating clients are accountable for their requested operations and provide authentic proof of the originating request or response. The audit trail provides information that can be used to monitor resources, system break-ins, failed logins, and breach attempts. It also helps identify security loopholes, violations, spoofing, and those users who are attempting to circumvent security, either intentionally or unintentionally.

Data Integrity

Data integrity plays a vital role in ensuring that messages exchanged between the communicating parties are accurate, complete, and not modified or altered during transit or while in storage. The use of digital signature mechanisms ensures data integrity by securing Web services-based business transactions from modification. Ensuring data integrity guards Web services communication across endpoints and intermediaries from man-in-the-middle intrusions and interference that may damage data.

Data Confidentiality

Data privacy and confidentiality assure that the actual data transmitted are protected from the prying eyes of unintended recipients. Data privacy and confidentiality are made possible through cryptographic algorithms that convert the data into an encrypted form that unauthorized viewers are unable to understand. Ensuring confidentiality guarantees that data transmitted is not accessible for viewing through interception or interference during transmission between endpoints and through intermediaries.

Non-repudiation

Non-repudiation ensures that the communicating parties accept a committed transaction. This prevents service requesters from wrongfully claiming that the transaction never occurred. Non-repudiation can be ensured using many approaches, such as enabling logging and recording trails of the transactions exchanged, using timestamps on message requests and responses, and using digital signatures to ensure that the credentials of the communicating parties are authentic.

Availability and Service Continuity

Availability and service continuity are mandatory requirements to ensure that the Web services infrastructure is capable of sustaining operations after a security breach or failure. These requirements can be achieved by introducing high-availability mechanisms such as load balancing, fault tolerance, and fail-over protection. From a security standpoint, implementing high-availability mechanisms guarantees service continuity after failures.

Single Sign-on and Delegation

Single sign-on plays a vital role in Web services environments. Because Web services allow heterogeneous applications to be integrated and to communicate with each other using standards-based technologies, it becomes mandatory to facilitate a universal mechanism that supports single sign-on, decentralized access control lists, and delegated administration capabilities. In a Web services aggregation scenario, it also becomes important to facilitate global sign-on that allows access to multiple Web services providers. This means all participating service providers share a common SSO token or a trusted credential that ensures global sign-on access and also a global logout for exiting from them.

Identity and Policy Management

Web services are required to make use of identities, trust policies, and access-privilege information from internal and external partner applications. This mandates a standardized way of sharing identity and policy information among disparate authentication and authorization systems spread across their trust boundaries. With federated identity management, a Web services provider can make its services available securely to its partners by establishing trusted partnerships and sharing identities and policies. This ensures that an authenticated identity is recognized by partner service endpoints and enables the user associated with that identity to access privileged services across multiple partner services.

Security Interoperability

Ensuring and demonstrating security interoperability is another core Web services requirement, guaranteeing that the adopted security mechanisms and countermeasures work together seamlessly during communication. This means that Web service providers and consumers make use of standards-based protocols following the security interoperability guidelines defined by the WS-I Security profile. Web services and their security providers must allow security interoperability at all levels, including transport-level security, message-level security, and other supporting security infrastructures.