[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: ..Role of Security Services..
The topic of security services is not currently covered in the Strawman 1 document. There are some references to a third party security service but no requirements or characterization of the interfaces exposed by such a security service. Here I will give a brief description and motivation for standardizing (some) security system interfaces. The S2ML specification describes two security services: Auth and Az (I realize there may be some naming issues here!). They have the following signatures: Auth: Credentials (login, public key, X509Certificate) ---> Name Assertion Az: Name Assertion x Assertions x Question --> Assertion(s) x Answer The model here is to provide standard interfaces between applications and security engines. This supports inter-operability between security engines as applications can use them in a vendor independent manner. In a different direction, standardizing interfaces of this type also supports a notion of providing standard security services as web services over the internet. The security interfaces described in S2ML are those that are typically driven off security engine policies (as oppossed to interfaces exposing crypto operations etc.). Often, these interfaces are based on security engine components including DBs, LDAP, legacy code, policy languages etc. Providing a standard interface allows for a generic way to "query" a security engine. - prateek mishra
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC