

Subject: RE: [wsdm] Security Questions: Are Manageable Resources Secure?


It depends on what you mean by "additional requirements on security than any other WS". Just a web service does not require any security. It is an option (although can be recommended - still optional) depending on the contents and/or on the choice of the running services. So, it sounds to me that it depends on what "manageable resources" are. Does it require transport level security because of the local site policy? Policy is in addition to what manageable resources are. Authentication/authorization are about access control, and it again depends on the "manageable resources".
Section 8 of WS-ResourceProperties-1.2 draft describes "security considerations" that
"When messages are exchanged between a requestor and a WS-Resource in order to access or act on one or more resource properties, it is RECOMMENDED that the communication between services be secured using the mechanisms described in WS-Security. In order to properly secure messages, the message body and all relevant headers need to be included in the digital signature so as to prove the integrity of the message. In addition the ReferenceProperties from an EndpointReference, used as part of any message exchange, may be encrypted to ensure their privacy. In the event that a requestor communicates frequently with a Web service to access resource properties, either directly through a query or accomplished through notification of state change, it is RECOMMENDED that a security context be established using the mechanisms described in WS-Trust [WS-Trust] and WS-SecureConversation [WS-SecureConversation], allowing for potentially more efficient means of authentication. .... "
Do we (as WSDM) need anything more than this kind?
I don't know about other implementation plans than Globus reference implementations of WSRF. It provides message level security. It could serve "privacy".
--Alex
  asim at lbl dot gov

From: Mark Ellison [mailto:ellison@ieee.org]
Sent: Saturday, June 26, 2004 5:53 PM
To: Heather Kreger
Cc: wsdm@lists.oasis-open.org
Subject: Re: [wsdm] Security Questions: Are Manageable Resources Secure?

Hi Heather,

(I'm catching up with wsdm email...)

Should we call out "privacy" along with authentication and authorization? Essentially, privacy is the encrypted wrapping of message payloads. While access to data is controlled by authentication and authorization, privacy minimizes the possibility that sensitive information can be sniffed and seen by unauthorized individuals having a promiscuous interface on a shared network segment.

Examples of sensitive data are bank account or credit card numbers, medical information about a patient, or the password for a user.

Some data should not be transmitted to authenticated and authorized individuals unless it is encrypted.

Regards,

Mark

Heather Kreger wrote:


Per our call today, I'm starting this email thread to discuss and ensure that WSDL described interactions with
manageable resources (which are WS-Resources) are sufficiently secure.

Which leads to the follow-on question: Do manageable resources have any additional requirements on security
than any other Web service? i.e. authentication, authorization, etc.

Heather Kreger
STSM, Web Services Lead Architect for SWG Emerging Technologies
Author of "Java and JMX: Building Manageable Systems"
kreger@us.ibm.com
919-543-3211 (t/l 441) cell:919-496-9572
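
The WS-ResourceProperties text quoted in the reply at the top of this thread asks for the message body and all relevant headers to be included in the digital signature. The following Python check is an added example, not part of the thread or of any WSDM or WSRF implementation: it lists the SOAP Body and header blocks that no `ds:Reference` covers. It assumes every header block other than `wsse:Security` is relevant, uses a constructed envelope with hypothetical `ex:` names, and checks coverage only, not the signature value.

```python
import xml.etree.ElementTree as ET

WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
WSU_ID = "{%s}Id" % WSU_NS
SECURITY = "{%s}Security" % NS["wsse"]
REFS = "soap:Header/wsse:Security/ds:Signature/ds:SignedInfo/ds:Reference"

def unsigned_parts(envelope_xml):
    """List local names of the Body and header blocks that no ds:Reference covers."""
    root = ET.fromstring(envelope_xml)
    header = root.find("soap:Header", NS)
    body = root.find("soap:Body", NS)
    # Assumption: every header block except wsse:Security counts as "relevant".
    required = [h for h in (header if header is not None else []) if h.tag != SECURITY]
    if body is not None:
        required.append(body)
    uris = [r.get("URI", "") for r in root.findall(REFS, NS)]
    signed_ids = {u[1:] for u in uris if u.startswith("#")}
    # A wsu:Id that appears twice is ambiguous (a relocated copy could carry it), so reject it.
    id_count = {}
    for el in root.iter():
        if el.get(WSU_ID):
            id_count[el.get(WSU_ID)] = id_count.get(el.get(WSU_ID), 0) + 1
    return [el.tag.rpartition("}")[2] for el in required
            if el.get(WSU_ID) not in signed_ids or id_count.get(el.get(WSU_ID)) != 1]

def sample(refs):
    """Constructed envelope for illustration; Reference contents (digests) are omitted."""
    ref_xml = "".join('<ds:Reference URI="#%s"/>' % r for r in refs)
    return f"""<soap:Envelope xmlns:soap="{NS['soap']}" xmlns:wsse="{NS['wsse']}"
 xmlns:ds="{NS['ds']}" xmlns:wsu="{WSU_NS}" xmlns:ex="urn:example:constructed"
 xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing">
 <soap:Header>
  <wsa:To wsu:Id="to">urn:example:resource</wsa:To>
  <ex:ResourceKey wsu:Id="key">42</ex:ResourceKey>
  <wsse:Security><ds:Signature><ds:SignedInfo>{ref_xml}</ds:SignedInfo></ds:Signature></wsse:Security>
 </soap:Header>
 <soap:Body wsu:Id="body"><ex:GetStatus/></soap:Body>
</soap:Envelope>"""

if __name__ == "__main__":
    print(unsigned_parts(sample(["to", "key", "body"])))  # everything covered
    print(unsigned_parts(sample(["to", "body"])))         # reference property left unsigned
```

A receiver would run a check like this before trusting header values such as the resource key, and only after the signature itself has been verified by a WS-Security library.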


