[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wsdm] Security Questions: Are Manageable Resources Secure?
It depends on what you mean by "additional
requirements on security than any other WS". Just a web service does not require
any security. It is an option (although can be recommended - still optional)
depending on the contents and/or on the choice of the running
services. So, it sounds to me that it
depends on what "manageable resources" are. Does it require transport
level security because of the local site policy? Policy is in addition to what
manageable resources are. Authentication/authorization are about access
control, and it again depends on the "manageable resources".
Section 8 of
WS-ResourceProperties-1.2 draft describes "security considerations"
that
"When messages are exchanged between a requestor and a WS-Resource in order to access or act on one or more resource properties, it is RECOMMENDED that the communication between services be secured using the mechanisms described in WS-Security. In order to properly secure messages, the message body and all relevant headers need to be included in the digital signature so as to prove the integrity of the message. In addition the ReferenceProperties from an EndpointReference, used as part of any message exchange, may be encrypted to ensure their privacy. In the event that a requestor communicates frequently with a Web service to access resource properties, either directly through a query or accomplished through notification of state change, it is RECOMMENDED that a security context be established using the mechanisms described in WS-Trust [WS-Trust] and WS-SecureConversation [WS-SecureConversation], allowing for potentially more efficient means of authentication. .... " Do we
(as WSDM) need anything more than these kind?
I don't know
about other implementation plans than globus reference implementations of WSRF.
It provides message level security. It could server
"privacy".
--Alex
asim at
lbl dot gov
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]