270 likes | 312 Views
Security and the Open Geospatial Consortium (OGC). CEOS/WGISS-27 Workshop 11 Mai 2009 Toulouse. Andreas Matheus, Secure Dimensions GmbH andreas.matheus@secure-dimensions.de. Agenda. What do I mean by “Security”? Typical Requirements and Standards OGC’ Security and GeoRM Working Groups
E N D
Security and the Open Geospatial Consortium (OGC) CEOS/WGISS-27 Workshop 11 Mai 2009 Toulouse Andreas Matheus, Secure Dimensions GmbH andreas.matheus@secure-dimensions.de
Agenda • What do I mean by “Security”? • Typical Requirements and Standards • OGC’ Security and GeoRM Working Groups • OGC’ Interoperability Initiatives • Conclusion and upcoming activities
Context For This Talk • Target to be “secured” is a Distributed System • for exchanging / processing of geospatial information • implemented by (but not limited to) OGC Web Services • One mandatory and one optional Threat Model • Internet Threat Model • Browser (Client) Threat Model • In this context, “Security” refers to • communication between entities • trust between entities / parties • protection of assets Security and the Open Geospatial Consortium
Security – What Do I Mean By That? • For “the system” itself: “secure systems will control, through use of specific security features, access to information such that only properly authorized individuals, or processes operating on their behalf, will have access to read, write, create, or delete information.” [TCSEC]* • For a “distributed system”: the „distributed“ property is a characteristic of the system that shall not have any influence on the definition above. Security and the Open Geospatial Consortium
Security Relies On Requirements • Trusted Computer System Evaluation Criteria • Policy, Marking, Identification, Accountability, Assurance, Continuous Protection • Evaluation Classes: D (lowest), C, B, A (highest) • C: Discretionary Access Rights Management, Identity based AC • B: Mandatory Access Rights Management, Context based AC • ISO 10181 • 1: Overview • 2: Authentication FW • 3: Access Control FW • 4: Non-Repudiation FW • 5: Confidentiality FW • 6: Integrity FW • 7: Security Audits and Alarms FW Security and the Open Geospatial Consortium
Search SOS Publish SAS Alert Bind Notify notification OGC Sensor Web – A Trusted System? Register CAT Sensors SensorML Register SOS Task SPS GetResults Task SAS Notify WNS Security and the Open Geospatial Consortium
The Interoperability Issue • Exchanging and processing of geospatial Information in a federation requires interoperability on different levels: • Data Level Interoperability ensures the ability to “consume” the information • Service Level Interoperability ensures the ability to exchange / obtain the information to be “consumed” • Security Level Interoperability ensures the ability to the above in a reliable and trustworthy fashion • Implementation of all levels can be done by using standards from the OGC and other bodies • Establishing secure communication • Network level • Application level Security and the Open Geospatial Consortium
Security Standards This is an OGC Standard! Security and the Open Geospatial Consortium
Security And The OGC – Working Groups • GeoRM (Geo Rights Management) DWG – 2004 • http://www.opengeospatial.org/projects/groups/geormwg • Geospatial Digital Rights Management Reference Model (Abstract Specification Topic 18) • Security DWG – 2006 • http://www.opengeospatial.org/projects/groups/securitywg • Forum for discussing related topics to authentication, access control and secure communication Security and the Open Geospatial Consortium
Security And The OGC – Standardization • GeoRM Common SWG – 2007 • http://www.opengeospatial.org/projects/groups/georm1.0swg • „define the GeoRM Common Standard for the implementation of common aspects GeoDRM Reference Model“ [Charter] • GeoXACML SWG (persistent) • Potential to be established 2009 (next TC meeting 06/09) • “purpose … is to develop an OGC Web Services Profile of GeoXACML” [Draft Charter] • “another purpose … is to coordinate OGC’s work on GeoXACML with the work of the OASIS XACML WG“ [Draft Charter] Security and the Open Geospatial Consortium
Security And The OGC – OWS-3 Initiative • Timeline 04 – 10/2005 • Dedicated Thread for GeoDRM • “Click-through" licensed use of a • Web Map Service (WMS) • Web Feature Service (WFS) • Web Portrayal Service (cascade of a WMS and WFS) • GeoDRM license model for different types of users • anonymous / registered user Security and the Open Geospatial Consortium
Request Error: Please read/accept the disclaimer! Result: Image / 27GML Read & Accept Disclaimer Security And The OGC – OWS-3 Initiative • “Click-Through” Licensing Security and the Open Geospatial Consortium
Security And The OGC – OWS-3 Initiative • WS-Security based implementation of secure communication and exchange of security context information • Confidentiality • Integrity • WS-Security supports different Security Tokens • Username Tokens (authentication by user/password) • X.509 Tokens (authentication by certificate) • SAML Tokens (exchange of user assertions) • REL Tokens (exchange of license assertions) • Kerberos Tokens (Microsoft authentication) Security and the Open Geospatial Consortium
Security And The OGC – OWS-3 Initiative • Interoperability Program Report (IPR) • OGC 05-111 (Fraunhofer): “Terms of Use (ToU) Service and Model” • Implementation • “Click-Through” License for WMS and WFS (University of the Bundeswehr München) Security and the Open Geospatial Consortium
Security And The OGC – OWS-4 Initiative • Timeline 06 – 12/2006 • Dedicated Thread for GeoDRM • Use of brokered / negotiated licenses for a • Web Feature Service (WFS) • Two phase approach • I: Negotiation of a license (and the comprised rights) • II: Managing access to protected services based on the rights and conditions in the license Security and the Open Geospatial Consortium
Security And The OGC – OWS-4 Initiative • Scenario 1 • Unrestricted User-License • Scenario 2 • Brokered-License • Scenario 3 • Negotiation of a User-License • Scenario 4 • Managing access to a WFS-T for feature updates Security and the Open Geospatial Consortium
Security And The OGC – OWS-4 Initiative <License> Rights as XACML Policy Authenticity by XML Signature Structure of an OWS-4 License Security and the Open Geospatial Consortium
Security And The OGC – OWS-4 Initiative • Interoperability Program Reports • Engineering Viewpoint (con terra) • Trusted Geo Services (University of the Bundeswehr München) • Change Request OWS Common (Fraunhofer) • Implementation (con terra) • Phase I: Negotiation of licenses • Implementation (University of the Bundeswehr München) • Phase II: Licensed feature update using a WFS-T • Online Demo • http://www.opengeospatial.org/pub/www/ows4/index.html Security and the Open Geospatial Consortium
Security And The OGC – OWS-6 Initiative • Timeline 10/2008 – 04/2009 • Security inside threads • Geo Processing Workflow (GPW) • Managed access to OWS and trusted communication between different security domains • XACML/GeoXACML based protection of a WMTS and WFS • Sensor Web Enablement (SWE) • How to secure a sensor network based on OGC Sensor Web Services? Security and the Open Geospatial Consortium
Security And The OGC – OWS-6 Initiative Security and the Open Geospatial Consortium
Security And The OGC – OWS-6 Initiative Access Control in the Airport Emergency Response Scenario (source: 09-036) Security and the Open Geospatial Consortium
Security And The OGC – OWS-6 Initiative • Secure Sensor Web Engineering Report • Evaluate vulnerabilities, attacks and affects on assets for the Sensor Web Services specifications • Sensor Alert Service (SAS) • Sensor Observation Service (SOS) • Sensor Planning Service (SPS) • Assets are • Sensors, Production Data, Observations, Alerts • Provide recommendations how to prevent or mitigate the attacks Security and the Open Geospatial Consortium
Security And The OGC – OWS-6 Initiative • Interoperability Program Reports • OWS-6Security ER (con terra) • OWS-6 GeoXACML ER (University of the Bundeswehr München) • OWS-6 Secure Sensor Web ER (AM Consult*) • Implementation (con terra) • STS, PDP, PEP • Implementation (AM Consult*) • GeoPDP • Implementation (Geomatys) • WMS / WFS PEP *: Secure Dimensions GmbH is the successor of AM Consult Security and the Open Geospatial Consortium
Security Standards – OGC experience Security and the Open Geospatial Consortium
Consensus On Security In The OGC • Results from the OWS-3, OWS-4, OWS-6 Initiatives • Use SOAP based communication for service interface • Secure communication by leveraging WS-Security from OASIS • Includes use of XML DSig and XML Encryption by W3C • Access Control based on XACML / GeoXACML • Items that require standardization/recommendation • Authentication • Bootstrapping for secured OGC Web Services • GeoXACML Profile for OGC Web Services Security and the Open Geospatial Consortium
Potentially Future Work Items • GeoXACML SWG • How to ensure 100% interoperability using GeoXACML to protect Geo Web Services (includes OGC Services) • Communicate with OASIS XACML WG to ensure that geo-specific use cases are included • GeoRM Common SWG • How to transport a security context for licensed protection of OGC Web Services • OWS-7: Proposal for a Security Thread • Implementation of Secure Sensor Web ER results for SPS • Evaluation / comparison of Authentication Mechanisms CEOS members – get involved in Security for OWS-7 Security and the Open Geospatial Consortium
Thank You For Your Attention It is important, never to stop asking questions... [Albert Einstein] Secure Dimensions GmbH – Holistic Geosecurity Dr. Andreas Matheus Kederbacherstraße 44 D-81377 München, Germany Phone +49 (0)89 71000667 Mobile +49 (0)160 1066366 Telefax +49 (0)89 71000668 Email am@secure-dimensions.de Web www.secure-dimensions.de Security and the Open Geospatial Consortium