1 / 5

WS-SX Use Cases Heather Hinton Tony Nadalin

WS-SX Use Cases Heather Hinton Tony Nadalin. Heather Hinton Tony Nadalin. Use Cases Approach. Test each spec “silo-ed” To allow for stand alone implementations, especially important for STS implementations Test specs in combination

mandell
Télécharger la présentation

WS-SX Use Cases Heather Hinton Tony Nadalin

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WS-SX Use CasesHeather Hinton Tony Nadalin Heather Hinton Tony Nadalin

  2. Use Cases Approach • Test each spec “silo-ed” • To allow for stand alone implementations, especially important for STS implementations • Test specs in combination • To define functionality that more likely corresponds to what happens when customers interoperate (B2B like stuff) • All together now • One big happy family test

  3. Silo-ed Use Cases • WS-Trust • Stand alone STS • With a trust environment (so proof of possession optimized out) • Third party STS • WS-SecureConversation • Internal to an customer’s environment but require SecConv • WS-SecurityPolicy • Inclusion of security policy in a WSDL (advertisement of security tokens/parameters required for service access)

  4. Combination Use Cases • WS-Trust & WS-SecConv • Use Trust server to get SCT/DKT • Internal to a customer’s environment • Use third-party trust server to negotiate for cross-partner • WS-Security & WS-SecurityPolicy • Use Sec Policy to describe security token parameters • Will probably reference back to “silo-ed” WS-SecPol • WS-Trust & WS-SecurityPolicy • Use SecPolicy to describe token parameters within a Trust Request • WS-SecConv & WS-SecurityPolicy • Use SecPol to describe SecConv parameters when implementing SecConv across partners

  5. All Together Now • WS-Trust & WS-SecConv & WS-SecPolicy • With SecPolicy applied to Trust (where Trust used to get keys for SecConv) • Negotiate a SecConv and use SecPolicy to determine how to define a token about a requestor (where requestor is above/beyond SecConv partner – so Trust is as STS)

More Related