1 / 10

WSSQoP v0.3 6 Nov 2003

WSSQoP v0.3 6 Nov 2003. Basic approach. <definitions> <QoPSpec>. <definitions>. <definitions>. <QoPSpec>. <QoPSpec>. Security policy manager. Security policy manager. Applied security policy. Applied security policy. Consumer class. Provider class. Consumer domain.

yates
Download Presentation

WSSQoP v0.3 6 Nov 2003

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WSSQoP v0.36 Nov 2003

  2. Basic approach <definitions> <QoPSpec> <definitions> <definitions> <QoPSpec> <QoPSpec> Security policy manager Security policy manager Applied security policy Applied security policy Consumer class Provider class Consumer domain Provider domain

  3. Process models • Development-time • Not very useful • Inflexible • No separation of duties • Deployment-time • Two architectural models • Out-of-line • In-line • Run-time • Ditto

  4. Out-of-line model <definitions> <definitions> <defintions> <QoPSpec> <QoPSpec> <QoPSpec> Security policy manager Security policy manager Consumer class Provider class Security service Security service WSS- SOAP WSS- SOAP

  5. Security service Security service SOAP WSS- SOAP WSS- SOAP SOAP In-line model <definitions> <definitions> <defintions> <QoPSpec> <QoPSpec> <QoPSpec> Security policy manager Security policy manager Consumer class Provider class SOAP SOAP

  6. Data-model • Services • Mechanisms • Parameters

  7. Services • Identified by URI or QName • Extensibility point • Define common services, such as:- • Transport integrity • Originator authentication • Type is a set of Mechanism definitions

  8. Mechanisms • Identified by URI or QName • Extensibility point • Define common mechanisms, such as:- • SSL • XML DSig • Type is a set of Parameter definitions

  9. Parameters • Identified by URI or QName • Extensibility point • Define common parameters, such as:- • Encryption algorithm • Key-size • Type depends on the Parameter name

  10. Deriving applied policy

More Related