
Introduction

A Trust Model for Web Services Ph.D Dissertation Progress Report Candidate: Nelly A. Delessy, Advisor: Dr E.B. Fernandez Department of Computer Science and Engineering Florida Atlantic University, Boca Raton FL. Introduction.


Presentation Transcript


  1. A Trust Model for Web Services • Ph.D Dissertation Progress Report • Candidate: Nelly A. Delessy, Advisor: Dr E.B. Fernandez • Department of Computer Science and Engineering • Florida Atlantic University, Boca Raton FL

  2. Introduction • Dissertation’s goal: to develop a unified trust model for web services • Will indicate how it can be interfaced to existing access control models for web services • Will include trust management through trust policies, and dynamic aspects such as trust negotiation • Using UML and/or some mathematical formalism

  3. Dissertation Progress • What has been done: Existing Web services Access Control Models: • Patterns for XACML and the application firewall (last semesters) • Patterns for the WS-* Family: WS-Security and WS-Policy • Methodology to compare standards: Included in the paper: “Using patterns to compare web services security products and standards” • This semester: • Inclusion of wireless aspects • Future work: • Develop the Trust model itself

  4. Dissertation Progress • Future work • Description of the interface between trust model and access control model for web services (Spring 2006 & Summer 2006) • [Diagram labels: (Resource, action, context, effect); Credential types; Trust level; Assigned trust level; Required trust level; Trust policies; Access policies]

  5. Dissertation Progress • Future work • Define the static elements of the trust model formally (Fall 2006) • Develop the dynamic aspects of the trust model (Fall 2006) • Identify patterns from the model (Fall 2006) • Publish a Journal Paper from one of these steps

  6. Wireless Web Services Architectures

  7. Introduction • Web services are becoming important for user access to services that depend on location, and they are appearing in mobile devices. • The concept of dynamic access to web services, allied with the flexibility of wireless access, makes it possible to envisage a new type of application, where the mobility of the user supplies the application with context elements. • Examples in the fields of disaster management, location services, advertising (service discovery), etc.

  8. Architectures • Gateway architecture • used when portable devices are limited in memory and computational power. • And/or the connection bandwidth and reliability of the wireless connection are limited. • An example of this compressed format: WML (equivalent of HTML in the WAP stack, available in many phones), or for basic scenarios such as the “push” of information, the gateway can transform SOAP messages into SMS, or voice.

  9. Architectures • Direct consumer architecture • Portable devices must have built-in implementations of the web services technologies (high-end market segment, now), e.g. smart phones, PDAs, and laptops. • Hardware and operating system security is an important issue in this configuration. • Because the device, which is now a consumer of web services, can run client applications from different providers, a strong level of security is needed, including some type of authorization system, such as a subset of XACML or WS-*

  10. Architectures • Use of mobile agents • approach is suggested in [Bel03b]. • proxies act on behalf of a client. • Rationale: using a web service can imply multiple passes between client, server and third parties (for security purposes for example) while the wireless link is not reliable and the bandwidth can be limited.

  11. Architectures • Direct consumer architecture • The mobile device is a WS Provider • Ex: to expose the user’s calendar, its profile • Liberty PAOS (Reverse HTTP Binding for SOAP) enables the creation of personalized services • Privacy issues…

  12. Pattern diagram for wireless web services security patterns

  13. Class diagram for Access Control List (ACL)

  14. Class diagram for Capability

  15. Class diagram for SAML

  16. Class diagram for the Liberty Alliance Identity Federation

  17. Sequence Diagram for Single Sign On

  18. OMA OWSER • OMA: Open Mobile Alliance • OWSER: OMA Web Services Enabler • Addresses: • Transport security • SOAP message security • But not application security • Are working on providing profiling standards, such as Liberty Alliance, OCSP, WSDL wireless web services

  19. OMA OWSER • To provide identity-based Web Services • They propose to use Liberty Alliance specs • Circle of Trust

  20. The Web Services "stack" described by the OWSER
