Subject: [Fwd: [xml-dev] Blended Authentication (AKA "Granular Access Control")]
I sent this to the XML-DEV list this morning, and would also like to solicit feedback from some of the security experts on our TC. For those on both lists, sorry for the duplicate posting. Thanks, Joe
- From: "Chiusano Joseph" <chiusano_joseph@bah.com>
- To: xml-dev@lists.xml.org
- Date: Wed, 07 May 2003 09:05:15 -0400
I have a question regarding security, particularly authentication and access control. My objective is to present a concept, and find out if this concept is currently being implemented in any XML-based open standards. The standards that I am familiar with (without listing them) do not, according to my understanding, take into account this concept.

The concept is this: authentication of not only a user for access control to a resource, but a combination of the user *and* a resource - i.e. "blended authentication".

For example, suppose that we have the following very simple scenario of 2 users (USER1 and USER2) accessing a system (SYSTEM A) that further accesses another system (SYSTEM B). It is assumed that all access would be through Web services:

             -----------           -----------
             |         |           |         |
  USER1----->|         |---------->|         |
             | SYSTEM  |           | SYSTEM  |
             |    A    |           |    B    |
  USER2----->|         |           |         |
             |         |           |         |
             -----------           -----------

The above scenario indicates that both USER1 and USER2 are successfully authenticated by SYSTEM A. However, when it is required that SYSTEM A accesses SYSTEM B (perhaps for a database lookup), only USER1 is authenticated to SYSTEM B. This is because the authentication by SYSTEM B took into account not only USER1's credentials (X.509 cert, Kerberos ticket, SAML assertion, etc.), but the fact that USER1 was accessing SYSTEM B from SYSTEM A. So, USER2 may very well be authenticated to access SYSTEM B from some other system - just not from SYSTEM A.

[Getting into implementation for a second] It appears that this type of authentication could be enforced through some sort of security-related extensions to WSDL, so that it can be controlled at a Service level. Taking that one step further, such authentication could even be enforced at the Operation level, Message level, etc.

Any thoughts/comments on this would be greatly welcome and appreciated.
Kind Regards,
Joe Chiusano
Booz | Allen | Hamilton
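The decision described in the message above, as an added example that is not from the original post or from any of the standards it mentions: SYSTEM B first verifies that the request really came through the system it claims to have come through, and only then decides on the (user, originating system, resource) triple, so USER1 is permitted via SYSTEM A while USER2 is permitted only via another system. The shared HMAC keys, the system and user names, and the policy table are constructed stand-ins for the X.509 / Kerberos / SAML credentials and the WSDL-level policy the post talks about.

```python
import hashlib
import hmac
import json

# Constructed shared secrets for the intermediaries SYSTEM B trusts (assumption:
# a real deployment would use per-system certificates or WS-Security tokens).
SYSTEM_KEYS = {"SYSTEM A": b"constructed-key-for-system-a",
               "SYSTEM C": b"constructed-key-for-system-c"}

# SYSTEM B's policy: permitted (user, originating system, resource) triples.
# USER2 may reach the lookup, but only when arriving via SYSTEM C, not SYSTEM A.
POLICY = {
    ("USER1", "SYSTEM A", "db_lookup"),
    ("USER2", "SYSTEM C", "db_lookup"),
}


def _mac(key, payload):
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def forward_request(system_id, user, resource):
    """What an intermediary sends to SYSTEM B after authenticating `user`: a body
    naming the user, the originating system and the resource, plus an HMAC under
    the intermediary's own key that binds the user to that origin."""
    body = json.dumps({"user": user, "via": system_id, "resource": resource},
                      sort_keys=True).encode()
    return {"body": body, "mac": _mac(SYSTEM_KEYS[system_id], body)}


def authorize_at_b(msg):
    """SYSTEM B's decision: verify the origin claim first, then apply policy."""
    body = json.loads(msg["body"])
    key = SYSTEM_KEYS.get(body["via"])
    # The origin is only a fact once a key held by that system vouches for it;
    # without this step "via" is just an unverified string in the request.
    if key is None or not hmac.compare_digest(_mac(key, msg["body"]), msg["mac"]):
        return False, "origin system could not be verified"
    if (body["user"], body["via"], body["resource"]) not in POLICY:
        return False, "%s not permitted to %s via %s" % (
            body["user"], body["resource"], body["via"])
    return True, "permitted"


def altered_origin(system_id, user, resource, claimed_origin):
    """Constructed negative test case: a request that was really forwarded by
    `system_id` but whose body names `claimed_origin`; the MAC no longer matches."""
    msg = forward_request(system_id, user, resource)
    body = json.loads(msg["body"])
    body["via"] = claimed_origin
    msg["body"] = json.dumps(body, sort_keys=True).encode()
    return msg
```

The last helper exists only to show that the origin binding, not the policy table, is what stops a request whose stated origin does not match the system that actually forwarded it.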