wsdm message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Security related events
- From: "Jeff Bohren" <jbohren@opennetwork.com>
- To: <wsdm@lists.oasis-open.org>
- Date: Thu, 15 Jul 2004 16:03:01 -0400
Title: Message
I though I would
take this off-line so as not to waste time on the call. I see a lot value
in standardizing security related events as part of WSDM. The four events
that I would define are:
AuthN
Succeeded
AuthN
Failed
AuthZ
Succeeded
AuthZ
Failed
There are three
purposes for these events; general management, security monitoring, and
auditing.
1) General
Management - in this case the AuthN and AuthZ Failed events are the important
ones. A increase in the number of these types of events could be an indicator of
problems in the system, such as clock synchronization issues, authentication
server problems, etc.
2) Security
Monitoring - again, the AuthN and AuthZ Failed events are the important ones. A
increase in the number of these types of events could be an indicator of an
attack on the resource in question.
3) Auditing - self
explanatory. There are, as Hal pointed out, QOS issues with this, but those
issues need to be addressed by WSN eventually anyway.
Obviously different
subscribers would want a different set of these events for different reasons.
For MOWS there are
some very specific use cases. For instance in the case of an AuthN failure, the
SOAP header could be included in the notification. Since WS-Security is now an
OASIS standard, it seems logic that WSDM should define a standard
WS-Security AuthN Succeeded and Failed events as part of the MOWS
specification.
I would be glad to
put together a proposal on exactly what would be defined in each of these event
types, but only if there is sufficient interest by the TC. Would anybody be
interested in seeing a proposal on this?
Jeff Bohren
Product Architect
OpenNetwork Technologies,
Inc
Try the
industry's only 100% .NET-enabled identity management software.
Download your free copy of Universal IdP Standard Edition today. Go to
www.opennetwork.com/eval.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]