OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-rx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-rx] New Issue: security profiles

Lines 13-14 of the "Security Threats and Requirements" states:

The primary security requirement of the WS-RM protocol is to protect the WS-RM semantics and protocol invariants against various threats.

Basiclly this breaks down into treating the Sequence as a protected resource. The Sequence Lifecycle Messages, Sequence Traffic Messages, Acks, etc. can all be considered as operations on that protected resource. In their function as "resource monitors" for the Sequence, the RMS and RMD need to make sure that only authorized entities (their peer RMD or RMS) are allowed to operate on the Sequence and that the operations themselves are free from tampering.

Any clearer?

- gp

From: Ashok Malhotra [mailto:ashok.malhotra@oracle.com]
Sent: Tuesday, May 16, 2006 3:39 PM
To: Gilbert Pilz; ws-rx@lists.oasis-open.org
Subject: RE: [ws-rx] New Issue: security profiles

Gil:
Sorry, I'm a bit late to the party, but exactly what are we protecting?
Surely, it's not the messages themselves as they can be protected by the
standard WS-Security mechanisms.  Is it the framing messages: CreateSequence, etc.
or it is something else?

All the best, Ashok

 

From: Gilbert Pilz [mailto:Gilbert.Pilz@bea.com]
Sent: Tuesday, May 09, 2006 2:42 PM
To: ws-rx@lists.oasis-open.org
Subject: [ws-rx] New Issue: security profiles

The WS-RX TC Charter requires that WS-RM support the “efficient preservation of the integrity of reliable contexts by composition with WS-Security or other SOAP security mechanisms”. The charter also states that “While composition with other specifications is a goal of the TC, it is also a goal to leave the specifics of how that composition is achieved outside the scope of this TC.” This proposal attempts to satisfy these two requirements by defining a set of non-normative profiles for composing WS-RM with commonly used web services security mechanisms. The purpose is to aid in the implementation and deployment of interoperable services and applications that utilize secure, reliable SOAP messaging systems.
 
Proposal: Add the attached text as a new chapter to the WS-RM specification following Chapter 5 (Security Threats and Requirements)

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]