50 likes | 132 Vues
WS-SX Use Cases Heather Hinton Tony Nadalin. Heather Hinton Tony Nadalin. Use Cases Approach. Test each spec “silo-ed” To allow for stand alone implementations, especially important for STS implementations Test specs in combination
E N D
WS-SX Use CasesHeather Hinton Tony Nadalin Heather Hinton Tony Nadalin
Use Cases Approach • Test each spec “silo-ed” • To allow for stand alone implementations, especially important for STS implementations • Test specs in combination • To define functionality that more likely corresponds to what happens when customers interoperate (B2B like stuff) • All together now • One big happy family test
Silo-ed Use Cases • WS-Trust • Stand alone STS • With a trust environment (so proof of possession optimized out) • Third party STS • WS-SecureConversation • Internal to an customer’s environment but require SecConv • WS-SecurityPolicy • Inclusion of security policy in a WSDL (advertisement of security tokens/parameters required for service access)
Combination Use Cases • WS-Trust & WS-SecConv • Use Trust server to get SCT/DKT • Internal to a customer’s environment • Use third-party trust server to negotiate for cross-partner • WS-Security & WS-SecurityPolicy • Use Sec Policy to describe security token parameters • Will probably reference back to “silo-ed” WS-SecPol • WS-Trust & WS-SecurityPolicy • Use SecPolicy to describe token parameters within a Trust Request • WS-SecConv & WS-SecurityPolicy • Use SecPol to describe SecConv parameters when implementing SecConv across partners
All Together Now • WS-Trust & WS-SecConv & WS-SecPolicy • With SecPolicy applied to Trust (where Trust used to get keys for SecConv) • Negotiate a SecConv and use SecPolicy to determine how to define a token about a requestor (where requestor is above/beyond SecConv partner – so Trust is as STS)