[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [soa-rm-ra] Follow-up to 7-5-08 Telecom
In section 1.1.1, "What is this Reference Architecture?", it states on line 41 that "the key assumptions that we make in this Reference Architecture is (should be are) that SOA-based systems involve:" Line 46 "* interaction between people and systems is primarily through the exchange of mssages with realiability that is appropriate for the intended uses and purposes." Securing data at rest can be a complex issue which can involve everything from physical security of the computing systems, network protection, protection via trusted platforms, etc. The SOA RA does not get into this particular aspect of security. However, your concern about the confidentiality and integrity of the message via HTTPS is mentioned in the security section 5.2.4.2, "Transport Layer". Line 2885 of this section specifically mentions HTTPS and in lines 2886-2887 states: "Given the anture of SOA-based communications across multiple ownership boundaries, security provided at the transport layer cannot be relied upon for protection of message confidentiality." Danny -------- Original Message -------- Subject: [soa-rm-ra] Follow-up to 7-5-08 Telecom From: michael.poulin@uk.fid-intl.com Date: Wed, May 07, 2008 10:49 am To: soa-rm-ra@lists.oasis-open.org Cc: danny.thornton@scalablearchitectures.com, dnickull@adobe.com, frankmccabe@mac.com Below, is my note related to security, section 5.2.7. I am not sure we need to discuss it at the next Telecom or we can discuss it via e-mail. 5.2.7 Architectural Implications of SOA Security One of the last 'big' bullet-points says: "The mechanisms that make-up the execution context in secure SOA-based message exchanges should:". I think, it is not enough for SOA Security. We have talked already that execution context may be applied (according to SOA RM) as to the message exchange as to the service execution (service body) itself. From the service consumer perspective, security of the message exchange is equally important to the security of the service execution. For example, the major fault in HTTPS is that the message becomes naked (unprotected) the next moment it reaches the destination - Web Server. Now, it is the Web Server and the rest of the receiver's system have to preserve message integrity, confidentiality, etc. If they do not do this, consumer's sensitive data may be tempered during the service executions. I would like to propose very simple change in the text: replace words "message exchanges" by the word "systems" and leave the list of security measures as is. Thus, the phrase would sound like: "The mechanisms that make-up the execution context in secure SOA-based systems should:" - Michael
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]