Secure Systems Research Group - FAU WS-Security and its Related Patterns Presented by Keiko Hashizume


Outline

• Introduction

• Web Services Security Standards Interdependencies

• A Pattern for XML Encryption

• A Pattern for WS-Security


Introduction

• Web services communicate using XML messages that may contain sensitive data. How can we protect this data?

• Traditional protocols such as SSL and IPSec can be used to transport web services, but using these transport protocols leads to some limitations. SSL is secure point-to-point but not end-to-end, because it protects the data only while it is in transit. After the data is delivered, the security is lost. It is also impossible to protect only the sensitive parts of the data.

• In response to this deficiency, standards such as WS-Security, WS-Trust, WS-SecureConversation and others have emerged to fill the gap.


WS Security Standard Interdependencies

• XML Encryption describes a process for scrambling data while keeping correct XML syntax.

• XML Signature provides a means to identify the source of the message (message authentication), and it also provides message integrity.

• The WS-Security standard applies XML security technologies such as XML Encryption and XML Signature. It also defines how to embed different security tokens.

• WS-Policy describes how to express security policies that are needed or supported by a web service.


WS-Security Standard Interdependencies

• SAML defines a standard protocol to exchange authentication and authorization assertions. It uses the WS-Security standard to protect assertions during their transmission.

• WS-Trust provides a framework for requesting and issuing security tokens, and for brokering trust relationships. It uses WS-Security to transfer the required security token, using XML Signature and Encryption to ensure secrecy and confidentiality. This standard may use WS-Policy to specify which security tokens are required at the target.

• WS-SecureConversation defines a security context for secure communications using session keys. This specification uses WS-Security, WS-Trust and WS-Policy to negotiate and issue session keys.

• WS-Federation defines mechanisms to allow different security realms to federate [Fed06]. It describes how federated trust scenarios can be constructed using WS-Security, WS-Policy, WS-Trust, and WS-SecureConversation.


WS-Security Standard Interdependencies


A Pattern for XML Encryption

• The XML Encryption standard describes the syntax used to represent encrypted XML data and the processes of encryption and decryption. XML Encryption provides message confidentiality by hiding sensitive information in such a way that it can be understood only by the intended recipients.

• Context

– Users of web services send and receive SOAP messages through insecure networks such as the Internet.


Problem

• Applications that communicate with external applications interchange sensitive data that may be read by unauthorized users while it is in transit.

• The solution for this problem is affected by the following forces:

– Messages may be captured while they are in transit or in storage, so we need to protect this data from being read by intruders.

– The safety of the system does not depend on the secrecy of the algorithm [Fer]. Thus, we need a way to make this cryptographic system strong.

– We need to express encrypted elements in a standardized XML format, so interoperability can be ensured between applications. Thus encrypted data can be nested within an XML message.

– Different parts of a message may be intended for different recipients, and not all the information contained within a message should be available to all the recipients. Thus, each recipient should read the parts of the message that are intended for them while the other parts stay hidden.

– Both symmetric and asymmetric encryption algorithms should be supported.

– If a secret key is embedded into the message, it should be securely exchanged.


Solution

• Transform a message using algorithms so that it is unreadable and can be understood only by legitimate receivers that possess a valid key. The message is transformed into a form that can safely be transmitted or stored.


– Structure Class Diagram


– Dynamics

Sequence Diagram for encrypting an element of an XML message using a shared key


– Dynamics

Sequence Diagram for decrypting an encrypted element of an XML message


Consequences

• This pattern presents the following advantages:

– Only users that know the key can decrypt and read the message. Each recipient can decrypt only the parts of a message that are intended for them and is unable to decrypt the rest.

– The strength of a cryptosystem is based on the secrecy of a long key [Bra98]. The cryptographic algorithms are known to the public, so the key should be kept protected from unauthorized users.

– The EncryptedData is an XML element that replaces the data to be encrypted. The EncryptedData as well as the EncryptedKey are composed of subelements such as the encryption method, key information, and cipher value. This standard format allows interoperability between applications.

– The entire XML message or only some parts can be encrypted.

– XML Encryption supports both symmetric and asymmetric encryption. Symmetric encryption is used to encrypt/decrypt the data, whereas asymmetric encryption is used to encrypt/decrypt the symmetric key.

– If the sender and the receiver have not previously exchanged keys, the key can be encrypted using a public key system.

• The pattern also has some (possible) liabilities:

– The verifier must have confidence that the public key belongs to the sender and not to an impostor.


Known Uses

• Several vendors have developed tools that support XML Signature.

– Xtradyne’s WebService Domain Boundary Controller (WS-DBC) [Xtr]. The WS-DBC is an XML firewall that provides protection against malformed messages and malicious content, XML encryption, XML signature, and authentication, authorization, and audit.

– IBM - DataPower XML Security Gateway XS40 [IBM] parses, filters, validates schema, decrypts, verifies signatures, signs, and encrypts XML message flows.

– Forum Systems - Forum Sentry SOA Gateway [For] conforms to XML Digital Signature, XML Encryption, WS-Trust, WS-Policy and other standards.

– Microsoft .NET [Mic] includes APIs that support the encryption and decryption of XML data.


Related Patterns

• This pattern is a specialization of the Symmetric Encryption Pattern.


A Pattern for WS-Security

• The WS-Security standard describes how to embed existing security mechanisms such as encryption, digital signature, and security tokens into SOAP messages in order to provide message confidentiality, message integrity, message authentication, and non-repudiation.

• Context

– Users of web services send and receive SOAP messages through insecure channels such as the Internet.


Problem

• It is essential to protect sensitive information not only when it travels through insecure networks but also when it is stored before processing. Transport layer security such as SSL and IPSec protects the data while it is in transit; however, after being delivered, the data is no longer secured.

• The solution for this problem is affected by the following forces:

– We need a common format in SOAP messages in order to add security features, so that both senders and receivers are able to process messages that contain security features.

– SOAP messages may travel in a network environment with many intermediaries, so an end-to-end security solution is needed. For example, SOAP messages pass through multiple applications between companies that may read, add or subtract information.


Solution

• Define areas in the message format that specify parameters for security mechanisms such as encryption, digital signatures, and security tokens.

• A message is composed of a body and an optional header. Three major elements can be embedded within the header of a message: XML encryption, XML signature, and security tokens.
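The header layout described in this solution, together with the EncryptedData/EncryptedKey composition from the XML Encryption pattern, as an added example that is not part of the original slides: a receiver-side check that a SOAP message carries a token, an EncryptedKey and a Signature in its `wsse:Security` header and that every EncryptedData in the body is covered by a key. The function name, the sample message and the `CardNumber` element are assumptions; the check looks at layout only and neither verifies the signature nor decrypts anything.

```python
import xml.etree.ElementTree as ET

NS = {  # SOAP 1.1, WS-Security 1.0, XML Encryption and XML Signature namespaces
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed sample: token, EncryptedKey and Signature in the header, and one
# body element replaced by EncryptedData. All base64 values are dummies.
SAMPLE = """<soap:Envelope xmlns:soap="{soap}" xmlns:wsse="{wsse}" xmlns:xenc="{xenc}" xmlns:ds="{ds}">
<soap:Header><wsse:Security>
 <wsse:BinarySecurityToken>ZHVtbXk=</wsse:BinarySecurityToken>
 <xenc:EncryptedKey><xenc:CipherData><xenc:CipherValue>ZHVtbXk=</xenc:CipherValue></xenc:CipherData>
  <xenc:ReferenceList><xenc:DataReference URI="#enc-1"/></xenc:ReferenceList></xenc:EncryptedKey>
 <ds:Signature/>
</wsse:Security></soap:Header>
<soap:Body><Order><Item>book</Item>
 <xenc:EncryptedData Id="enc-1">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
  <xenc:CipherData><xenc:CipherValue>ZHVtbXk=</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData></Order></soap:Body></soap:Envelope>""".format(**NS)

def check_message(xml_text, sensitive=("CardNumber",)):
    """Return layout findings for one SOAP message; an empty list means none."""
    root = ET.fromstring(xml_text)  # untrusted input needs a hardened parser
    sec = root.find("soap:Header/wsse:Security", NS)
    body = root.find("soap:Body", NS)
    if sec is None or body is None:
        return ["missing wsse:Security header or soap:Body"]
    findings = []
    if all(sec.find("wsse:" + t, NS) is None for t in ("BinarySecurityToken", "UsernameToken")):
        findings.append("no security token in header")
    if sec.find("ds:Signature", NS) is None:
        findings.append("no ds:Signature in header")
    # Ids that some EncryptedKey in the header says its key decrypts.
    refs = sec.iterfind("xenc:EncryptedKey/xenc:ReferenceList/xenc:DataReference", NS)
    covered = {r.get("URI", "").lstrip("#") for r in refs}
    for enc in body.iter("{%s}EncryptedData" % NS["xenc"]):
        for child in ("xenc:EncryptionMethod", "xenc:CipherData/xenc:CipherValue"):
            if enc.find(child, NS) is None:
                findings.append("EncryptedData %s lacks %s" % (enc.get("Id"), child))
        if enc.get("Id") not in covered:
            findings.append("EncryptedData %s has no EncryptedKey" % enc.get("Id"))
    # Elements the sender was expected to encrypt must not appear in cleartext.
    findings += ["cleartext %s in body" % el.tag for el in body.iter()
                 if el.tag.rsplit("}", 1)[-1] in sensitive]
    return findings
```
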


– Structure Class Diagram


– Dynamics

Sequence Diagram for encrypting an element using a symmetric key that is itself encrypted using a security token


– Dynamics

Sequence Diagram for signing an XML element


Implementation

• To implement the WS-Security standard, the following tasks need to be done:

– Client applications must be able to add and read security elements from SOAP messages.

– Clients need to have knowledge of cryptographic algorithms such as security token formats, signature formats and encryption technologies.


Consequences

• This pattern presents the following advantages:

– Using the header of a SOAP message we can indicate security features such as XML encryption, XML signatures, and security tokens.

– Adding security features into the SOAP messages provides end-to-end level security because these messages can be protected during transmission through many intermediaries.

• The pattern also has some (possible) liabilities:

– This pattern does not describe details of encryption, digital signatures, or security tokens.

– WS-Security is an immature specification which is still changing.


Known Uses

Several vendors have developed products that support WS-Security.

– Xtradyne’s WS-DBC (Web Service Domain Boundary Controller) http://www.xtradyne.com/products/ws-dbc/WSDBCfeatures.htm

– IONA Artix www.iona.com/info/aboutus/collateral/Artix%20and%20Security.pdf

– Forum Sentry™ http://forumsys.com/products_sentry_specs.htm

– Microsoft Trust Bridge http://www.microsoft.com/presspass/press/2002/Jun02/06-06TrustbridgePR.mspx


Related Patterns

• WS-Security uses XML Signature and XML Encryption Patterns.

• Secure Channel contains a set of security protocols that provide identity authentication and secure, private communication through encryption.