html5-img
1 / 31

Integrated Security Architecture

Integrated Security Architecture. James Andoniadis IBM Canada. CEO View: Increased Collaboration Brings Rewards. Perimeter Defense. Control Layer. Assurance Layer. Layers of security. Perimeter Defense Keep out unwanted with Firewalls Anti-Virus Intrusion Detection, etc. Control Layer

quemby-warner
Télécharger la présentation

Integrated Security Architecture

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Integrated Security Architecture James Andoniadis IBM Canada

  2. CEO View: Increased Collaboration Brings Rewards

  3. Perimeter Defense Control Layer Assurance Layer Layers of security • Perimeter Defense • Keep out unwanted with • Firewalls • Anti-Virus • Intrusion Detection, etc. • Control Layer • Which users can come in? • What can users see and do? • Are user preferences supported? • Can user privacy be protected? • Assurance Layer • Can I comply with regulations? • Can I deliver audit reports? • Am I at risk? • Can I respond to security events?

  4. Pre SOA Security: Enforcement & Decision Points Access Enforcement Functionality (AEF) Access Decision Functionality (ADF)

  5. Network Operating Systems Application Certificate Network External Internal Directory Status Access SMTP SMTP Customer Responder Control Gateway Gateway LOB Applications Employee Databases Network Delegated User Identity Management Management Dispatcher External Internal Directory Directory Transactional Web Web Access Certifcate Integration Control Authority Internal ePortal, LDAP- Transactional Network enabled apps Web Authentication & Authorization Presentation Informational Application Web Access Control Presentation Single Sign On Directory Management View LDAP Directory Meta-Directory Proxy External ePortal Messaging Web Single Sign On CRM/ ERP (PeopleSoft)

  6. Apps/Email NOS ITDI Directory Integration TAM for ESSO ITDS Directory Server UNIX/Linux ITIM: Provisioning Databases & Applications • Policies • Workflow • Password Self-service • Audit trails MF/Midrange ITAM: Web Access Management SSO, Authentication, Authorization Security MgmtObjects Portal Presentation Personalization Web Applications ITFIM: Federated Identity Web Services Security Identity and Access Management Portfolio Identity Stores CRM, Partners HR • Enterprise Directory • Personal Info • Credentials • Entitlements

  7. Users Users Users Governments as Identity Providers “TRUST provides ACCESS” Germany:Identity Provider USA:Identity Provider The United States is an“Identity Provider”because it issues a Passport as proof of identification USAVouchesfor its Citizens China:Identity Provider

  8. Roles: Identity Provider and Service Provider “Validation” party in transaction “Vouching” party in transaction Service Provider Identity Provider Mutual TRUST Service Provider controls access to services Third-party user has access to services for the duration of the federation Only manages user attributes relevant to SP 1. Issues Network / Login credentials 2. Handles User Administration/ ID Mgmt 3. Authenticates User 4. “Vouches” for the user’s identity

  9. Federated Identity Standards

  10. Agenda • Enterprise Security Architecture – MASS Intro • Identity, Access, and Federated Identity Management • SOA Security

  11. SOA Security Encompass all Aspects of Security 5 5 5 5 SCA Portlet WSRP B2B Other consumers SOA Security • Identity • Authentication • Authorization • Confidentiality, Integrity • Availability • Auditing & Compliance • Administration and Policy Management 4 4 4 4 Service Consumer Service Consumer business processes business processes process choreography process choreography 3 3 3 3 Services (Definitions) services atomic and composite atomic and composite 2 2 2 2 Service components 1 1 Service Provider Service Provider 1 1 SAP Custom Custom OO OO Packaged ISV Application Application Application Application Packaged Custom Custom Application Outlook Application Application Application Custom Apps Operational systems Platform Supporting Middleware OS/390 MQ DB2 Unix

  12. Message-based Security : End-to-End Security ConnectionIntegrity/Privacy ConnectionIntegrity/Privacy • Message-based security does not rely on secure transport • message itself is encrypted  message privacy • message itself is signed  message integrity • message contains user identity  proof of origin ? HTTPS HTTPS SOAP Message

  13. Authorization Secure Conversation Federation Privacy Security Policy Trust WSS – SOAP Security SOAP Messaging Web Service Security Specifications Roadmap

  14. SOAP Message Security: Extensions to Header Envelope Security Element Security Token Header • SOAP Header allows for extensions • OASIS standard “WS-Security: SOAP Message Security” • defines XML for Tokens, Signatures and Encryption • defines how these elements are included in SOAP Header Security Element Signature Body <application data> Encrypted Data

  15. Security Drill Down 1st Layer Message Security • Signature Validation/ Origin Authentication • Message Level Decryption 2nd Layer Message Security • Requestor Identification & Authentication & Mapping • Element Level Decryption Nth Layer Message Security • Requestor Identification & Authentication & Mapping • Message Level Encryption Transport Layer Security • SSL/TLS Termination Application Security (Authorization with ESB asserted identifier) Security Policy Security Token Service Key Store, Management Authorization

  16. Moving to SOA – Accommodate Web Services HTTP SOAP

  17. Moving to SOA – Accommodate Web Services Transport Layer Confidentiality Integrity User Interaction Based I&A Enforcement HTTP Message Layer Confidentiality Integrity Token Based Authentication Enforcement Transport Layer Confidentiality Integrity SOAP Identity Mapping Identification & Authentication Decisions

  18. TFIM TFIM TAM TAM TFIM Moving to SOA, Adding the ESB…(Mandatory Scary Picture) WebSphere Enterprise Service Bus DP XI50 H/W: DataPower XS40 S/W: WebSphere Web Svs. G/W S/W: Tivoli Access Manager Reverse Proxy/Web PI TFIM, TAM Tivoli Directory Server Tivoli Federated Identity Manager Tivoli Access Manager Common Auditing & Reporting Service

  19. Further Reading • On Demand Operating Environment: Security Considerations in an Extended Enterprise • http://publib-b.boulder.ibm.com/abstracts/redp3928.html?Open • Web Services Security Standards, Tutorials, Papers • http://www.ibm.com/developerworks/views/webservices/standards.jsp • http://www.ibm.com/developerworks/views/webservices/tutorials.jsp • http://webservices.xml.com/ • Websphere Security Fundamentals / WAS 6.0 Security Handbook • http://www.redbooks.ibm.com/redpieces/abstracts/redp3944.html?Open • http://www.redbooks.ibm.com/redpieces/abstracts/sg246316.html?Open • IBM Tivoli Product Home Page • http://www.ibm.com/software/tivoli/solutions/security/

  20. Summary • End-to-end Security Integration is complex • Web Services and SOA security are emerging areas • Moving from session level security to message level security • Identity Management incorporates several security services, but other security services need to be integrated as well • Audit and Event Management, Compliance and Assurance • Etc. • Security technology is part – process, policy, people are the others and often harder to change • Only Constant is Change, but evolve around the fundamentals • Establish separation of application and security management • Use of open standards will help with integration of past and future technologies

  21. Questions?

  22. Security 101 Definitions • Authentication - Identify who you are • Userid/password, PKI certificates, Kerberos, Tokens, Biometrics • Authorization – What you can access • Access Enforcement Function / Access Decision Function • Roles, Groups, Entitlements • Administration – Applying security policy to resource protection • Directories, administration interfaces, delegation, self-service • Audit – Logging security success / failures • Basis of monitoring, accountability/non-repudiation, investigation, forensics • Assurance – Security integrity and compliance to policy • Monitoring (Intrusion Detection, AntiVirus, Compliance), Vulnerability Testing • Asset Protection • Data Confidentiality, Integrity, Data Privacy • Availability • Backup/recovery, disaster recovery, high availability/redundance

  23. Agenda • Enterprise Security Architecture – MASS Intro • Identity, Access, and Federated Identity Management • SOA Security

  24. MASS – Processes for a Security Management Architecture

  25. Access Control Subsystem Purpose: • Enforce security policies by gating access to, and execution of, processes and services within a computing solution via identification, authentication, and authorization processes, along with security mechanisms that use credentials and attributes. Functions: • Access control monitoring and enforcement: Policy Enforcement Point/Policy Decision Point/ Policy Administration Point • Identification and authentication mechanisms, including verification of secrets, cryptography (encryption and signing), and single-use versus multiple-use authentication mechanisms • Authorization mechanisms, to include attributes, privileges, and permissions • Enforcement mechanisms, including failure handling, bypass prevention, banners, timing and timeout, event capture, and decision and logging components Sample Technologies: • RACF, platform/application security, web access control

  26. Identity and Credential Subsystem Purpose: • Generate, distribute, and manage the data objects that convey identity and permissions across networks and among the platforms, the processes, and the security subsystems within a computing solution. Functions: • Single-use versus multiple-use mechanisms, either cryptographic or non-cryptographic • Generation and verification of secrets • Identities and credentials to be used in access control: identification, authentication, and access control for the purpose of user-subject binding • Credentials to be used for purposes of identity in legally binding transactions • Timing and duration of identification and authentication • Lifecycle of credentials • Anonymity and pseudonymity mechanisms Sample Technologies: • Tokens (PKI, Kerberos, SAML), User registries (LDAP,AD,RACF,…), Administration consoles, Session management

  27. Information Flow Control Subsystem Purpose: • Enforce security policies by gating the flow of information within a computing solution, affecting the visibility of information within a computing solution, and ensuring the integrity of information flowing within a computing solution. Functions: • Flow permission or prevention • Flow monitoring and enforcement • Transfer services and environments: open or trusted channel, open or trusted path, media conversions, manual transfer, and import to or export between domain • Encryption • Storage mechanisms: cryptography and hardware security modules Sample Technologies: • Firewalls, VPNs, SSL

  28. Security Audit Subsystem Purpose: • Provide proof of compliance to the security policy. Functions: • Collection of security audit data, including capture of the appropriate data, trusted transfer of audit data, and synchronization of chronologies • Protection of security audit data, including use of time stamps, signing events, and storage integrity to prevent loss of data • Analysis of security audit data, including review, anomaly detection, violation analysis, and attack analysis using simple heuristics or complex heuristics • Alarms for loss thresholds, warning conditions, and critical events Sample Technologies: • syslog, application/platform access logs

  29. Solution Integrity Subsystem Purpose: • address the requirement for reliable and correct operation of a computing solution in support of meeting the legal and technical standard for its processes Functions: • Physical protection for data objects, such as cryptographic keys, and physical components, such as cabling, hardware, and so on • Continued operations including fault tolerance, failure recovery, and self-testing • Storage mechanisms: cryptography and hardware security modules • Accurate time source for time measurement and time stamps • Alarms and actions when physical or passive attack is detected Sample Technologies: • Systems Management solutions - performance, availability, disaster recovery, storage management • Operational Security tools: , Host and Network Intrusion Detection Sensors (Snort), Event Correlation tools, Host security monitoring/enforcement tools (Tripwire, TAMOS), Host/Network Vulnerability Monitors/Scanners (Neesus), Anti-Virus software

More Related