1 / 36

Bienvenida Pagdanganan Supervisor: Prof Vijay Varadharajan

An Analysis of Trust Requirements and Design Choices for Trust Management in Web Services Based Service Oriented Architectures. Bienvenida Pagdanganan Supervisor: Prof Vijay Varadharajan. Main Problem. With Web Services: Who the requestors are Who the providers are

hisoki
Télécharger la présentation

Bienvenida Pagdanganan Supervisor: Prof Vijay Varadharajan

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Analysis of Trust Requirements and Design Choices for Trust Management in Web Services Based Service Oriented Architectures Bienvenida Pagdanganan Supervisor: Prof Vijay Varadharajan Bienvenida Pagdanganan

  2. Main Problem • With Web Services: • Who the requestors are • Who the providers are • What credential is being requested • What specific services are being requested • Who is trustable • Who is not • How are they trusted Bienvenida Pagdanganan 2

  3. Main Problem BPAY Scenario: Alice pays electricity bill through BPAY Alice logs in to her Internet Banking system using Username AND Password Alice enters her electricity account number and other identity information Alice’s bank and electricity provider has some agreement that facilitates the service Alice trusts that the service has been completed in her behalf by the bank Bienvenida Pagdanganan 3

  4. Main Problem • Authentication in Web services: • Mechanism by which clients and service providers prove to one another that they are acting on behalf of specific users or systems • Client usually presents identifier • Service provider verifies client’s claimed identity • Authorization • Allow only authenticated service identities to access resources, such as hosts, files, Web pages, components, and database entries, to name a few Bienvenida Pagdanganan 4

  5. Aim To address the trust requirements needed to use or provide a Web service through studies about trust model and language trust policy language trust management systems federation and trust in relation to trust management Bienvenida Pagdanganan 5

  6. Significant Achievements • This study provides the following: • A framework for a hybrid trust model incorporating hard trust and soft trust, and the attributes in hard trust and soft trust • A methodology by example for evaluating reputation-based soft trust attribute • A methodology by example for incorporating soft trust attributes in a service policy • A federation and trust scenario in Web services incorporating soft trust body, Reputation Authority, and soft trust attributes Bienvenida Pagdanganan 6

  7. Roadmap to achievements: Project Scope Studies on Web Services Trust Model Trust Policy for Web Services Trust Management in Web Services Based SOA Federation and Trust in Web Services Bienvenida Pagdanganan 7

  8. What is.... Web service self- contained software module available via a network, such as the Internet completes tasks, solves problems, or conducts transactions service on behalf of a user or application Service Oriented Architecture a logical way of designing a software system provide services either to end-user applications or to other services distributed in a network use published and discoverable interfaces Bienvenida Pagdanganan 8

  9. Roadmap – Web Services Trust Model Studies on Hoffman, Lawson-Jenkins et al. 2006 Lin and Varadharajan 2007 Web Services Security Plan and Roadmap (2002) WS-Trust Bienvenida Pagdanganan 9

  10. Roadmap – Web Services Trust Model Hoffman, Lawson-Jenkins et al. 2006 Develop improved trust model and related metrics for distributed computer-based systems Incorporate security, privacy, safety, usability, reliability, and availability factors into trust vector Incorporate factors such as verification techniques, user knowledge, user experience, and trust propagation in their model Define ‘expectation’ - experience with an application or service, and the reputation of the vendor providing the service or product (we discuss as soft trust attributes) Consider metrics (we discuss as trust attributes) Bienvenida Pagdanganan 10

  11. Roadmap – Web Services Trust Model Lin and Varadharajan 2007 Propose a hybrid trust model for enhancing security in distributed systems by combining hard and soft trust relationships and associated operations Consider soft trust decision making, based on behaviour and evidence and the specified thresholds for these opinion-based soft trust requirements Our paper similarly discusses hard and soft trust attributes and trust relationships, we consider Web services rather than mobile agent system Bienvenida Pagdanganan 11

  12. Roadmap – Web Services Trust Model IBM and Microsoft 2002 - End to End Security • Web Service – require incoming message prove a set of claims (referred to as policy) • Requester – send messages with proof of required claims (security tokens) with the messages. • Messages demand specific action • Messages prove their sender has claim to demand the action • Requester can obtain claim through the Security Token Services (STS broker trust by issuing security tokens) Bienvenida Pagdanganan 12

  13. Roadmap – Web Services Trust Model WS- Trust • TRUST – represented through exchange and brokering of security tokens • Specifications to enable application to construct trusted SOAP message exchange • Web Services trust specification for • Requesting and obtaining security tokens • Managing trusts and establishing relationships • Establishing and assessing trust relationships Bienvenida Pagdanganan 13

  14. Roadmap – Web Services Trust Model WS- Trust : managing trusts and establishing and assessing trust relationships • Verify that claims in token are sufficient to comply with policy and that message conforms to policy • Verify that attributes of claimant are proven by signatures, claims are either proven or not based on policy • Verify that issuers of security tokens (including all related and issuing security token) are trusted to issue claims they have made Bienvenida Pagdanganan 14

  15. Roadmap – Web Services Trust Model WS-Trust - Trust relationships can be: • Direct trust - relying party accepts as true all (or some subset of) the claims in token sent by the requestor Requester Web service • Brokered trust, a trust proxy (second party) – read policy information and request appropriate security tokens from an issuer of security tokens, thus vouching for a third party Security Token Service Requester Web service Bienvenida Pagdanganan 15

  16. Roadmap – Trust Policy for Web Services Studies on Vuong, Smith et al. 2001 Nagarajan, Varadharajan et al. 2007 WS-Policy Bienvenida Pagdanganan 16

  17. Roadmap – Trust Policy for Web Services Vuong, Smith et al. 2001 Discuss practical concepts employed in enterprise environment for managing security policies Use eXtensible Markup Language (XML) Design specification for security policy use structured language model (XML), separate semantics API, and standardized policy schema model to represent and implement security policies. We consider their methodology in our study to develop a methodology by example for incorporating soft trust attributes in a service policy Bienvenida Pagdanganan 17

  18. Roadmap – Trust Policy for Web Services Nagarajan, Varadharajan et al. 2007 Propose a 3-level granularity model with levels, high, mid and low properties for authorization credentials for trusted platform Present methodology for capturing requirements through compositions and Component Property Certificate We adapt their methodology as a way in establishing our work to develop a methodology by example for evaluating reputation-based soft trust attributes Bienvenida Pagdanganan 18

  19. Roadmap – Trust Policy for Web Services WS-Policy • An XML Infoset called a policy expression that contains domain-specific, Web Service policy information • Core set of constructs to indicate how choices and/or combinations of domain specific policy assertions apply in Web services environment • (01) <wsp:Policy • xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy" • xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" > • (02) <wsp:ExactlyOne> • (03) <sp:Basic256Rsa15 /> • (04) <sp:TripleDesRsa15 /> • (05) </wsp:ExactlyOne> • (06) </wsp:Policy> An example of a security policy Bienvenida Pagdanganan 19

  20. Roadmap – Trust Management in Web Services Based SOA Studies on: The PolicyMaker Trust Management System (Blaze, Feigenbaum et al. 1996) REFEREE: Trust Management for Web Applications (Chu, Feigenbaum et al. 1997) The KeyNote Trust Management System(Blaze, Feigenbaum et al. 1999) Then……. Our Approach Incorporating Hybrid Trust Attributes in Policy Bienvenida Pagdanganan 20

  21. Roadmap – Trust Management in Web Services Based SOA The PolicyMaker Trust Management System (Blaze, Feigenbaum et al. 1996) Interface that separates generic mechanisms from application-specific policy Return simple yes/no answer or additional restrictions that would make the proposed action acceptable Our interest is language structure Way policy is written through queries of the form: key1,key2,...keynRequestsActionString SourceASSERTSAuthorityStructWHEREFilter Bienvenida Pagdanganan 21

  22. Roadmap – Trust Management in Web Services Based SOA REFEREE: Trust Management for Web Applications (Chu, Feigenbaum et al. 1997) • Rule-controlled Environment for Evaluation of Rules, and Everything Else • Provides both general policy-evaluation mechanism and language for specifying policies • Return value when asking for authorization • Yes, the action may be taken because sufficient credentials exist for the action to be approved” • “No, the action may not be taken because sufficient credentials exist to deny the action” • “The trust management system was unable to find sufficient credentials to approve or to deny the requested action” Bienvenida Pagdanganan 22

  23. Roadmap – Trust Management in Web Services Based SOA The KeyNote Trust Management System (Blaze, Feigenbaum et al. 1999) Language describing policy and credential assertion, structures of action descriptions and model of computation Evaluates policy through a policy compliance value (PCV) PCV advises application how to process the requested action. In simplest case, the compliance value is Boolean (e.g., reject or approve) Bienvenida Pagdanganan 23

  24. Roadmap – Trust Management in Web Services Based SOA The KeyNote Trust Management System (Blaze, Feigenbaum et al. 1999) Conditions: @user_id == 0 -> “full_access”; # clause (1) @user_id < 1000 -> “user_access”; #clause (2) @user_id < 10000 -> “guest_access”; #clause (3) user_name == “root” -> “full_access”; #clause (4) Given “user_id” is “1073” and the “user_name” attribute is “root”, possible compliance value set would contain the following: “guest_access” (by clause (3)) and “full_access” (by clause (4)) Bienvenida Pagdanganan 24

  25. Roadmap – Trust Management in Web Services Based SOA Our Approach A framework for trust management A hybrid trust model for managing trust incorporating hard trust and soft trust Bienvenida Pagdanganan 25

  26. Our Approach –Trust Management in Web Services Based SOA Hybrid Trust Composition Trust relationships based on exchange and brokering of hard trust attributes and on support of soft trust attributes established by corresponding security authorities Bienvenida Pagdanganan 26

  27. Our Approach –Trust Management in Web Services Based SOA Hard Trust Composition “strong security” mechanisms Result is a binary decision- trusted or not Bienvenida Pagdanganan 27

  28. Our Approach – Trust Management in Web Services Based SOA Soft Trust Composition “soft computational” approach, a method of evaluation of soft trust attributes developed by illustration through a hypothetical example Bienvenida Pagdanganan 28

  29. Our Approach – Trust Management in Web Services Based SOA • Hypothetical Example: • A Web service provided by ABC company for purchasing shares of stocks • Must be citizens of its country only • May have loyalty cards with the company • Have transactions above a threshold amount $D • Have reference from company staff • Company Assertions: • Is_Citizen = ‘Y’ #clause (1) • has_LoyaltyCard = ‘Y’ #clause (2) • has_No_LoyaltyCard = ‘Y’ #clause (3) • has_Transaction_Threshold > $D = ‘Y’ #clause (4) • has_Reference_From_Staff = ‘Y’ #clause (5) Bienvenida Pagdanganan

  30. Our Approach – Trust Management in Web Services Based SOA • Hypothetical Example cont.: • Company has set to true (‘Y’) only the following composition • Order of assertion: ascending, highest to lowest • All other combinations are not acceptable. • (1) {“Is_Citizen”, “has_LoyaltyCard”, “has_Transaction_Threshold > $D”, “has_Reference_From_Staff”}, • (2) {“Is_Citizen”, “has_LoyaltyCard”, “has_Transaction_Threshold > $D”}, • (3) {“Is_Citizen”, “has_LoyaltyCard”, “has_Reference_From_Staff ”}, • (4) {“Is_Citizen”, “has_No_LoyaltyCard”, “has_Transaction_Threshold > $D”}, • (5) {“Is_Citizen”, “has_No_LoyaltyCard”, “has_Reference_From_Staff ”} Bienvenida Pagdanganan

  31. Our Approach – Trust Management in Web Services Based SOA • Hypothetical Example cont.: • Evaluation of assertions • A decision response (Y or N) for reputation will be delivered for compositions (1) through (5). • Each composition has weight value corresponding to reputation of requestor of Web service • Notation use to indicate weight value where weight value is a function of composition; • R1 = W(C1) = Extremely high reputation • R2 = W(C2) = Strongly high reputation • R3 = W(C3) = Very high reputation • R4 = W(C4) = Moderately high reputation • R5 = W(C5) = High reputation • Reputation weight value is referred to as ‘Reputation Token’ Bienvenida Pagdanganan

  32. Our Approach – Trust Management in Web Services Based SOA • Reputation Authority • Soft trust authority body • The Reputation Authority can then validate the Reputation Rating of the user for a given role or capability as Identity based attributes for the user. Bienvenida Pagdanganan

  33. Our Approach – Trust Management in Web Services Based SOA • (01) <wsp:Policy wsu:Id=”tokens” • xmlns:wsse="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy" • xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" > • (02) <wsp:ExactlyOne wsp:Usage=’Required”> • (03) <wsp:All> • (04) <wsse:SecurityToken /> • (05) <wsse:TokenType> wsse:ReputationToken </wsse:TokenType> • (06) </wsee:SecurityToken> • (07) <wsse:SecurityToken /> • (08) <wsse:TokenType> wsse:LoyaltyCardNumber </wsse:TokenType> • (09) </wsee:SecurityToken> • (10) <wsse:SecurityToken /> • (11) <wsse:TokenType> wsse:UsernameToken </wsse:TokenType> • (12) </wsee:SecurityToken> • (13) </wsp:All> • (14) <wsp:All> • (15) <wsse:SecurityToken /> • (16) <wsse:TokenType> wsse:ReputationToken </wsse:TokenType> • (17) </wsee:SecurityToken> • (18) <wsse:SecurityToken /> • (19) <wsse:TokenType> </wsse:TokenType> • (20) </wsee:SecurityToken> • (21) <wsse:SecurityToken /> • (22) <wsse:TokenType> wsse:UsernameToken </wsse:TokenType> • (23) </wsee:SecurityToken> • (24) </wsp:All> • (25) </wsp:ExactlyOne> • (26) </wsp:Policy> • Incorporating Hybrid Trust Attributes in Policy Bienvenida Pagdanganan

  34. Our Approach –Federation and Trust in Web Service • Mechanism to federate across trusted authorities incorporating Reputation Authorities Bienvenida Pagdanganan

  35. Our Approach –Federation and Trust in Web Service 1. ABC Company issued Alice a Kerberos security token and a reputation token. 2. Currency service’s policy only accepts security and reputation tokens issued by its own security token service and reputation authority. 3. We assume the administrators at ABC Company and Business456 have exchanged public key certificates and reputation tokens in order to federate security. 4. We further assume that Alice only supports symmetric key technology. 5. Based on the Currency Web service policy, Alice needs to acquire a security token and a reputation token that can be used to access the security token service and the reputation authority at Business456. 6. Alice first contacts her security token service and reputation authority that is intended for the Business456 security token service and reputation authority. 7. Using the security and reputation token intended for the Business456 security token service and reputation authority, Alice requests security and reputation token for the Currency service. 8. The Business456 security token service provides Alice security token for the Currency service, and reputation token required by the Currency service policy. 9. Using the security and reputation token intended for the Currency service and the associated symmetric key, Alice makes the requests to the Currency service. Bienvenida Pagdanganan

  36. Future Work Suggested Work: Development of a trust management system incorporating reputation-based token in its language for policy formulation Study to consider the formal institution of Reputation Authority In our approach to evaluate reputation using weighted values, further work may adapt such methodology and compare and contrast with some existing models Concept of quality trust can be further studied Bienvenida Pagdanganan

More Related