XML Security By Rami Amar January 2003


Introduction

• XML is a growing standard
• Security integration is essential
• XML Security combines legacy cryptographic technologies with XML technologies to provide a secure environment for users and applications

On The Lecture …

• XML Digital Signature – Integrity & Authentication
• XML Encryption – Confidentiality
• XML Key Management – Public Key Registration & Validation
• SAML – Conveying Authentication
• XACML – Access Control
• P3P – Privacy Policies & Preferences
• WS Security – Security framework for Web Services
• Digital Rights Management (XrML)

What Else?

• Some general XML background
• Some SOAP background
• Some security background

So What’s this XML??

• eXtensible Markup Language (like HTML, just extensible)
• Syntax and rules for structuring information
• Anyone can create a vocabulary and use it
• Any application can learn a vocabulary and read it
• We tell vocabularies apart using namespaces

Vocabularies? Huh?!

DTD – Document Type Definition
• Defines element tags and attributes
• Can be referenced or included in the document
• Does not support constraints
• Short, simple, and with low overhead

<?xml version="1.0"?>
<!DOCTYPE bookstore [
  <!ELEMENT bookstore (name,topic+)>
  <!ELEMENT topic (name,book*)>
  <!ELEMENT name (#PCDATA)>
  <!ELEMENT book (title,author)>
  <!ELEMENT title (#PCDATA)>
  <!ELEMENT author (#PCDATA)>
  <!ELEMENT isbn (#PCDATA)>
  <!ATTLIST book isbn CDATA "0">
]>
<bookstore>
  <name>Mike's Store</name>
  <topic>
    <name>XML</name>
    <book isbn="123-456-789">
      <title>A Guide To DTD's</title>
      <author>Mike Jervis</author>
    </book>
  </topic>
</bookstore>

Vocabularies? Huh?! – Schemas

• Uses an object-oriented approach
• Allows definition of complex types and constraints
• Powerful, but creates a lot of overhead

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <xsd:annotation>
    <xsd:documentation xml:lang="en">
      XML Schema for a Bookstore as an example.
    </xsd:documentation>
  </xsd:annotation>
  <xsd:element name="bookstore" type="bookstoreType"/>
  <xsd:complexType name="bookstoreType">
    <xsd:sequence>
      <xsd:element name="name" type="xsd:string"/>
      <xsd:element name="topic" type="topicType" minOccurs="1" maxOccurs="unbounded"/>
    </xsd:sequence>
  </xsd:complexType>
  <xsd:complexType name="topicType">
    <xsd:sequence>
      <xsd:element name="name" type="xsd:string"/>
      <xsd:element name="book" type="bookType" minOccurs="0" maxOccurs="unbounded"/>
    </xsd:sequence>
  </xsd:complexType>
  <xsd:complexType name="bookType">
    <xsd:sequence>
      <xsd:element name="title" type="xsd:string"/>
      <xsd:element name="author" type="xsd:string"/>
    </xsd:sequence>
    <xsd:attribute name="isbn" type="isbnType"/>
  </xsd:complexType>
  <xsd:simpleType name="isbnType">
    <xsd:restriction base="xsd:string">
      <xsd:pattern value="[0-9]{3}[-][0-9]{3}[-][0-9]{3}"/>
    </xsd:restriction>
  </xsd:simpleType>
</xsd:schema>
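As an added example (not from the slides), here is a small Python checker that enforces the structural rules of the bookstore schema above together with the isbnType pattern, the constraint a DTD cannot express. It uses only the standard library, which has no XSD validator, so the rules are hand-coded; the two sample documents are constructed for the demonstration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample documents for the bookstore vocabulary on this page.
GOOD_DOC = """<bookstore>
  <name>Mike's Store</name>
  <topic>
    <name>XML</name>
    <book isbn="123-456-789">
      <title>A Guide To DTD's</title>
      <author>Mike Jervis</author>
    </book>
  </topic>
</bookstore>"""

BAD_DOC = """<bookstore>
  <name>Mike's Store</name>
  <topic>
    <name>XML</name>
    <book isbn="123456789">
      <title>No Hyphens</title>
    </book>
  </topic>
</bookstore>"""

# The isbnType pattern from the schema; fullmatch so the whole value must conform.
ISBN_RE = re.compile(r"[0-9]{3}-[0-9]{3}-[0-9]{3}")


def _children(elem):
    return [child.tag for child in elem]


def check_bookstore(xml_text):
    """Hypothetical hand-rolled checker: returns the list of schema violations
    found in the document (an empty list means the document conforms)."""
    errors = []
    root = ET.fromstring(xml_text)
    if root.tag != "bookstore":
        return [f"root element is <{root.tag}>, expected <bookstore>"]
    tags = _children(root)
    # bookstoreType: <name> first, then one or more <topic> (topic+ in the DTD).
    if not tags or tags[0] != "name":
        errors.append("bookstore: first child must be <name>")
    topics = [t for t in root if t.tag == "topic"]
    if not topics:
        errors.append("bookstore: at least one <topic> required")
    if any(t not in ("name", "topic") for t in tags):
        errors.append("bookstore: unexpected child element")
    for topic in topics:
        ttags = _children(topic)
        if not ttags or ttags[0] != "name":
            errors.append("topic: first child must be <name>")
        for book in topic.findall("book"):
            # bookType: exactly <title> then <author>, plus an isbn attribute of isbnType.
            if _children(book) != ["title", "author"]:
                errors.append("book: children must be exactly <title>, <author>")
            isbn = book.get("isbn", "")
            if not ISBN_RE.fullmatch(isbn):
                errors.append(f"book: isbn {isbn!r} does not match isbnType")
    return errors
```

Running `check_bookstore(BAD_DOC)` reports both the missing `<author>` and the malformed isbn, which is exactly what a schema-aware parser would reject and a DTD-only parser would accept.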

SOAP (like Dove?)

• Simple Object Access Protocol
• The SOAP envelope defines an overall framework for expressing what is in a message, who should deal with it, and whether it is optional or mandatory
• The SOAP encoding rules define a serialization mechanism that can be used to exchange instances of application-defined datatypes
• The SOAP RPC representation defines a convention that can be used to represent remote procedure calls and responses

SOAP (a message embedded in HTTP)

POST /StockQuote HTTP/1.1
Host: www.stockquoteserver.com
Content-Type: text/xml; charset="utf-8"
Content-Length: nnnn
SOAPAction: "Some-URI"

<SOAP-ENV:Envelope
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
  SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
  <SOAP-ENV:Body>
    <m:GetLastTradePrice xmlns:m="Some-URI">
      <symbol>DIS</symbol>
    </m:GetLastTradePrice>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Why do we need XML Security?

• Wide variety of hardware & software
• Different administrative applications and security requirements
• The need for a modular approach

XML:
• Adopted widely
• Basis for distributed systems protocols
• Text based & designed for modularity and expandability

What’s wrong with older Encryption tools?

• They encrypt whole documents only
• They are not designed for the content management approach
• They provide security only over the data connection

So What’s so good about XML Security?

• It provides means for integrity, authentication, and confidentiality
• It is integrated with XML and maintains all of XML’s advantages
• It also provides end-to-end security

Sounds Peachy, But…

• It damages document searchability
• Gets complicated when it comes to signatures
• Vulnerable to plaintext attacks…

Security Mumbo Jumbo

• Authentication – Determine the identity of a person/object
• Authorization – Determine what the person is allowed to do
• Integrity – Ensure the data was not altered on its way to you
• Signature – Validate the source of the data
• Confidentiality – Limit the people allowed to view the data
• Privacy – Make sure no one abuses your data
• Digital Rights Management – Limit users from doing whatever they want

Encryption Talk

• Encryption algorithm
• Keys
• Symmetric key encryption
  – Shared secret key
  – Relatively fast
• Asymmetric encryption
  – Public keys
  – Private keys
  – Complex and slow

XML Security Standards

• An XML vocabulary for security information is defined
• Standards comply with other XML standards
• Security should be applied to:
  – Whole XML documents
  – Specific XML elements
  – XML element content
• Security is associated with content (not transport, like SSL)
• XML Security uses existing crypto methods

XML Digital Signature

The Purpose:
• DS creates & verifies portable electronic signatures
• DS provides persistent content integrity

Reminder: a signature can be created only by one person, A, but anyone can verify that A signed it.

XML Digital Signature

Features:
• You can sign just about anything in the document
• You can use XML Canonicalization for robustness
• You can separate the signature from the document

XML Digital Signature – Creating an XML Digital Signature

<?xml version="1.0" encoding="UTF-8"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
  <SignedInfo Id="foobar">
    <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <Reference URI="http://www.abccompany.com/news/2000/03_27_00.htm">
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <DigestValue>j6lwx3rvEPO0vKtMup4NbeVu8nk=</DigestValue>
    </Reference>
    <Reference URI="http://www.w3.org/TR/2000/WD-xmldsig-core-20000228/signature-ex.xml">
      <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <DigestValue>UrXLDLBIta6skoV5/A8Q38GEw44=</DigestValue>
    </Reference>
  </SignedInfo>
  <SignatureValue>MC0E~LE=</SignatureValue>
  <KeyInfo>
    <X509Data>
      <X509SubjectName>CN=Ed Simon,O=XMLSec Inc.,ST=OTTAWA,C=CA</X509SubjectName>
      <X509Certificate>MIID5jCCA0+gA...lVN</X509Certificate>
    </X509Data>
  </KeyInfo>
</Signature>

XML Digital Signature – Verifying an XML Signature

• Recalculate the signature over <SignedInfo>
• If it is correct, recalculate the digest of each reference and compare it with that reference's <DigestValue>
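As an added example (not part of the original slides), the following Python builds a detached signature with the structure shown two slides earlier and then verifies it in the two steps listed above: first the signature over canonical <SignedInfo>, then the digest of every <Reference>. It uses only the standard library, so the SignatureMethod is HMAC-SHA256 (a keyed MAC that the XML Signature specifications define) rather than the DSA-with-SHA1 of the 2003 example, and the canonicalization is the C14N 2.0 that xml.etree.ElementTree.canonicalize implements. The two referenced resources, their URIs and the key are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("ds", DS)
# Algorithm identifiers used here: C14N 2.0 (what ElementTree.canonicalize implements),
# HMAC-SHA256 (RFC 6931) and SHA-256. The slide's 2003 example names dsa-sha1 and sha1;
# SHA-1 is not acceptable for new signatures, so it is not in the allowlist below.
C14N2 = "http://www.w3.org/2010/xml-c14n2"
HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"


def _d(tag):
    return f"{{{DS}}}{tag}"


def _b64(raw):
    return base64.b64encode(raw).decode()


def _alg(parent, tag):
    el = parent.find(_d(tag))
    return el.get("Algorithm") if el is not None else None


def _canonical_signed_info(signed_info):
    # The bytes that get signed are the canonical form of <SignedInfo>, so a
    # re-serialisation that only changes attribute order or whitespace still verifies.
    text = ET.tostring(signed_info, encoding="unicode")
    return ET.canonicalize(text, strip_text=True).encode("utf-8")


def build_signature(resources, key):
    """resources: {URI: bytes} of the things being signed. Returns a detached
    <ds:Signature> string with one <Reference> per resource, as on the slide."""
    sig = ET.Element(_d("Signature"))
    si = ET.SubElement(sig, _d("SignedInfo"))
    ET.SubElement(si, _d("CanonicalizationMethod"), Algorithm=C14N2)
    ET.SubElement(si, _d("SignatureMethod"), Algorithm=HMAC_SHA256)
    for uri, data in resources.items():
        ref = ET.SubElement(si, _d("Reference"), URI=uri)
        ET.SubElement(ref, _d("DigestMethod"), Algorithm=SHA256)
        ET.SubElement(ref, _d("DigestValue")).text = _b64(hashlib.sha256(data).digest())
    mac = hmac.new(key, _canonical_signed_info(si), hashlib.sha256).digest()
    ET.SubElement(sig, _d("SignatureValue")).text = _b64(mac)
    return ET.tostring(sig, encoding="unicode")


def verify_signature(signature_xml, resources, key):
    """The slide's two steps: (1) check SignatureValue over canonical SignedInfo;
    (2) only then recompute every Reference digest. Returns (ok, reason)."""
    sig = ET.fromstring(signature_xml)
    si = sig.find(_d("SignedInfo"))
    value = sig.findtext(_d("SignatureValue"), "")
    if si is None or not value:
        return False, "malformed Signature"
    # Allowlist the algorithms; never let the document pick something weaker.
    if _alg(si, "CanonicalizationMethod") != C14N2:
        return False, "unsupported CanonicalizationMethod"
    if _alg(si, "SignatureMethod") != HMAC_SHA256:
        return False, "unsupported SignatureMethod"
    expected = hmac.new(key, _canonical_signed_info(si), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, base64.b64decode(value)):
        return False, "SignatureValue does not match SignedInfo"
    for ref in si.findall(_d("Reference")):
        uri = ref.get("URI")
        if uri not in resources:
            return False, f"referenced resource {uri} not available"
        if _alg(ref, "DigestMethod") != SHA256:
            return False, "unsupported DigestMethod"
        digest = hashlib.sha256(resources[uri]).digest()
        stated = base64.b64decode(ref.findtext(_d("DigestValue"), ""))
        if not hmac.compare_digest(digest, stated):
            return False, f"digest mismatch for {uri}"
    return True, "ok"


# Constructed sample: two detached resources, mirroring the two References on the slide.
KEY = b"constructed-demo-hmac-key"
RESOURCES = {
    "urn:example:news-item": b"<news>Quarterly results released</news>",
    "urn:example:attachment": b"constructed attachment bytes",
}

if __name__ == "__main__":
    signature = build_signature(RESOURCES, KEY)
    print(signature)
    print(verify_signature(signature, RESOURCES, KEY))
```

Editing a referenced resource fails at step two with a digest mismatch, while editing anything inside <SignedInfo> (a URI, a DigestValue) fails already at step one, because the canonical SignedInfo no longer matches the SignatureValue. The verifier also rejects any algorithm outside its allowlist before doing cryptography, so a document cannot downgrade the check by naming a weaker method.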

XML Encryption

Purpose:
• Allow users to encrypt and decrypt data
• Provide confidentiality in transport and in storage

Features:
• Defined vocabulary for ciphers and encryption information
• Both XML and non-XML content can be encrypted
• Encryption granularity – element content
• Encrypted information stays in XML form
• Compatible with signatures
• Support for many encryption algorithms

XML Encryption

Key Concepts:
• Encrypted elements are replaced by an <EncryptedData> element
• <EncryptedData> contains:
  – A Type attribute – indicates the type of the information encrypted
  – Information about the algorithm used for encryption
  – An <EncryptedKey> element
  – <CipherData> – a reference to the ciphertext, or the ciphertext itself
• <EncryptedKey> – used for encrypting the secret keys of symmetric key encryption

XML Encryption – Simple Example

Before encryption:

<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <CreditCard Limit='5,000' Currency='USD'>
    <Number>4019 2445 0277 5567</Number>
    <Issuer>Example Bank</Issuer>
    <Expiration>04/02</Expiration>
  </CreditCard>
</PaymentInfo>

After encrypting the content of <Number>:

<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <CreditCard Limit='5,000' Currency='USD'>
    <Number>
      <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
                     Type='http://www.w3.org/2001/04/xmlenc#Content'>
        <CipherData>
          <CipherValue>A23B45C56</CipherValue>
        </CipherData>
      </EncryptedData>
    </Number>
    <Issuer>Example Bank</Issuer>
    <Expiration>04/02</Expiration>
  </CreditCard>
</PaymentInfo>

<EncryptedData> syntax (? marks optional parts):

<EncryptedData Id? Type? MimeType? Encoding?>
  <EncryptionMethod/>?
  <ds:KeyInfo>
    <EncryptedKey>?
    <AgreementMethod>?
    <ds:KeyName>?
    <ds:RetrievalMethod>?
    <ds:*>?
  </ds:KeyInfo>?
  <CipherData>
    <CipherValue>?
    <CipherReference URI?>?
  </CipherData>
  <EncryptionProperties>?
</EncryptedData>

XML Encryption – Complex Example

<PatientRecord xmlns="http://www.medical.org/" xmlns:lab="http://www.lab.org/tests">
  <Name>John Doe</Name>
  <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element'
                 xmlns='http://www.w3.org/2001/04/xmlenc#'>
    <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#3des-cbc'/>
    <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
      <EncryptedKey Id='EK' xmlns='http://www.w3.org/2001/04/xmlenc#'>
        <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
        <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
          <ds:KeyName>Dr Kutter's public key pair</ds:KeyName>
        </ds:KeyInfo>
        <CipherData>
          <CipherValue>xyzabc</CipherValue>
        </CipherData>
        <CarriedKeyName>Dr Kutter's symmetric key</CarriedKeyName>
      </EncryptedKey>
      <ds:KeyName>Dr Kutter's symmetric key</ds:KeyName>
    </ds:KeyInfo>
    <CipherData>
      <CipherValue>a17xj2z</CipherValue>
    </CipherData>
  </EncryptedData>
  <Signature xmlns='http://www.w3.org/2000/09/xmldsig#'>
    <SignedInfo>
      <SignatureMethod Algorithm="http://www.w3.org/2000/07/xmldsig#rsa-sha1"/>
      <!-- signature on entire PatientRecord before encryption is default interpretation -->
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/TR/2000/WD-xml-c14n-20000710"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/07/xmldsig#sha1"/>
        <DigestValue>kjsdf</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>xjksdasd</SignatureValue>
    <KeyInfo>
      <KeyName>Sally Smith's Integrity Key</KeyName>
    </KeyInfo>
  </Signature>
</PatientRecord>

XML Key Management Specification

Purpose:
• XKMS is designed to manage the sharing of public keys
• Managing includes verifying signatures
• Managing also includes encrypting messages to recipients
• XKMS defines XML messages for registering and finding keys
• XKMS saves the work for applications

XKMS

Features:
• XKRSS – XML Key Registration Service Specification
  – Allows registering key pairs
  – Saves the key pairs as <KeyBinding> elements
  – Supports backing up & restoring keys
• XKISS – XML Key Information Service Specification
  – Enables clients to request the <KeyBinding>s associated with <KeyInfo> elements
  – LOCATE operation – locates a requested key
  – VALIDATE operation – validates <KeyBinding>s
• XKMS defines a SOAP binding

XKMS

Key Concepts:
• Defined messages to & from a trusted server
• These messages are bound to the SOAP protocol
• XKMS uses XML Signatures for proof of key ownership
• XKMS allows users to request a reply format (<RespondWith>)
• XKMS can specify what the key is used for (<UseKeyWith>)

XKMS – Examples

<ValidateRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                 Service="http://test.xmltrustcenter.org/XKMS"
                 RequestId="zzjmNi9YL+dnkRXzDoqPoQ=="
                 xmlns="http://www.w3.org/2002/03/xkms#">
  <RespondWith>KeyName</RespondWith>
  <RespondWith>KeyValue</RespondWith>
  <RespondWith>Multiple</RespondWith>
  <KeyBindingQuery Id="T/QMi7gGuKCcNWPi120A/w==">
    <KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>certificate encoded as text</ds:X509Certificate>
      </ds:X509Data>
    </KeyInfo>
    <KeyUsage>Signature</KeyUsage>
    <UseKeyWith Application="urn:ietf:rfc:2633" Identifier="[email protected]"/>
  </KeyBindingQuery>
</ValidateRequest>

<ValidateResult xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                Service="http://test.xmltrustcenter.org/XKMS"
                ResultMajor="Success"
                RequestId="zzjmNi9YL+dnkRXzDoqPoQ=="
                ResponseId="0WeinJVdbyBKruXhiqTscg=="
                xmlns="http://www.w3.org/2002/03/xkms#">
  <KeyBinding Id="m0/p5bekjemI4tV+FPBkig==">
    <KeyInfo>
      <ds:KeyValue>
        <ds:RSAKeyValue>
          <ds:Modulus>...</ds:Modulus>
          <ds:Exponent>AQAB</ds:Exponent>
        </ds:RSAKeyValue>
      </ds:KeyValue>
    </KeyInfo>
    <KeyUsage>Signature</KeyUsage>
    <UseKeyWith Application="urn:ietf:rfc:2633" Identifier="[email protected]"/>
    <Reason>IssuerTrust</Reason>
    <Reason>RevocationStatus</Reason>
    <Reason>ValidityInterval</Reason>
  </KeyBinding>
</ValidateResult>
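As an added example of the VALIDATE exchange above (not code from the slides), the following Python plays both sides: the client builds a <ValidateRequest> with <RespondWith> and a <KeyBindingQuery>, a simulated trust server answers with a <ValidateResult> listing only the <Reason>s it could affirm, and the client decides whether to accept the key. The message shapes follow the page's examples; the service URI, key names, identifiers and the server's registry are constructed, and the signature a real XKMS server puts on its result is left out.

```python
import base64
import os
import xml.etree.ElementTree as ET

XKMS = "http://www.w3.org/2002/03/xkms#"
DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("xkms", XKMS)
ET.register_namespace("ds", DS)


def _k(tag):
    return f"{{{XKMS}}}{tag}"


def _d(tag):
    return f"{{{DS}}}{tag}"


def _new_id():
    return base64.b64encode(os.urandom(16)).decode()


def build_validate_request(service, key_name, application, identifier):
    """Client side: ask the trust server to VALIDATE the binding between a named
    key and its intended use, asking for KeyName and KeyValue in the reply."""
    req = ET.Element(_k("ValidateRequest"), Service=service, RequestId=_new_id())
    for wanted in ("KeyName", "KeyValue"):
        ET.SubElement(req, _k("RespondWith")).text = wanted
    query = ET.SubElement(req, _k("KeyBindingQuery"), Id=_new_id())
    ET.SubElement(ET.SubElement(query, _k("KeyInfo")), _d("KeyName")).text = key_name
    ET.SubElement(query, _k("KeyUsage")).text = "Signature"
    ET.SubElement(query, _k("UseKeyWith"), Application=application, Identifier=identifier)
    return ET.tostring(req, encoding="unicode")


# Constructed registry standing in for the trusted server's key store:
# (KeyName, Application, Identifier) -> state of that binding.
REGISTRY = {
    ("alice signing key", "urn:ietf:rfc:2633", "alice@example.test"): {"revoked": False, "in_validity": True},
    ("mallory signing key", "urn:ietf:rfc:2633", "mallory@example.test"): {"revoked": True, "in_validity": True},
}


def handle_validate(request_xml):
    """Server side: look the binding up and answer with a <ValidateResult>. Only the
    checks that passed are listed as <Reason>s (a real server also signs the result)."""
    req = ET.fromstring(request_xml)
    query = req.find(_k("KeyBindingQuery"))
    name = query.findtext(f"{_k('KeyInfo')}/{_d('KeyName')}")
    use = query.find(_k("UseKeyWith"))
    entry = REGISTRY.get((name, use.get("Application"), use.get("Identifier")))
    res = ET.Element(_k("ValidateResult"), Service=req.get("Service"),
                     RequestId=req.get("RequestId"), ResponseId=_new_id())
    if entry is None:
        res.set("ResultMajor", "NoMatch")
        return ET.tostring(res, encoding="unicode")
    res.set("ResultMajor", "Success")
    kb = ET.SubElement(res, _k("KeyBinding"), Id=_new_id())
    ET.SubElement(ET.SubElement(kb, _k("KeyInfo")), _d("KeyName")).text = name
    ET.SubElement(kb, _k("KeyUsage")).text = "Signature"
    ET.SubElement(kb, _k("UseKeyWith"), Application=use.get("Application"),
                  Identifier=use.get("Identifier"))
    checks = {"IssuerTrust": True,
              "RevocationStatus": not entry["revoked"],
              "ValidityInterval": entry["in_validity"]}
    for reason, passed in checks.items():
        if passed:
            ET.SubElement(kb, _k("Reason")).text = reason
    return ET.tostring(res, encoding="unicode")


REQUIRED_REASONS = {"IssuerTrust", "RevocationStatus", "ValidityInterval"}


def accept_key(request_xml, response_xml):
    """Client side again: the result must answer this request, be a Success, and
    affirm every reason the client requires. Returns (accepted, detail)."""
    req = ET.fromstring(request_xml)
    res = ET.fromstring(response_xml)
    if res.get("RequestId") != req.get("RequestId"):
        return False, "response is for a different request"
    if res.get("ResultMajor") != "Success":
        return False, f"ResultMajor={res.get('ResultMajor')}"
    kb = res.find(_k("KeyBinding"))
    affirmed = {r.text for r in kb.findall(_k("Reason"))}
    missing = REQUIRED_REASONS - affirmed
    if missing:
        return False, "server did not affirm: " + ", ".join(sorted(missing))
    return True, kb.findtext(f"{_k('KeyInfo')}/{_d('KeyName')}")
```

The client treats an absent <Reason> as a failed check rather than an unknown one: a binding the server could not clear for revocation is not accepted even though the ResultMajor is Success, and a result whose RequestId does not match is discarded before anything else is looked at.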

Security Assertion Markup Language

Purpose:
• Authentication is used to identify clients who:
  – Require limited access
  – Participate in transactions
  – Require personalized content
• Authorization assertions are used to:
  – Share authentications for “single sign-on”
  – Enable third party authenticators

SAML

Features:
• A vocabulary for sharing security assertions
• A request/response protocol with a binding to SOAP
• Assertions are associated with a subject
• SAML establishes a general framework for assertions

SAML

Key Concepts:
• Detailed authentication & authorization expressions
• Schema for security assertions
• Types: Authentication, Attribute, Authorization Decision, user defined
• Information in each assertion:
  – Assertion ID
  – Subject (name + security domain)
  – Conditions for assertion validity
  – Any additional info (such as ‘how the assertion was created’)
• Example:
  – Authorization decision: by subject S, for access type A, to resource R, given evidence E.
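As an added example (not from the slides), the following Python issues the authorization-decision assertion just described, with the assertion ID, subject plus security domain, and validity conditions the slide lists, and then shows what a relying party has to check before it honours the decision. The element names follow the SAML 1.0 assertion vocabulary; the issuer, subject, resource, evidence reference and Action namespace are constructed, and the issuer's XML Signature over the assertion is left out.

```python
import datetime as dt
import uuid
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:1.0:assertion"
ET.register_namespace("saml", SAML)
ACTION_NS = "urn:example:actions"   # constructed namespace for <Action>


def _s(tag):
    return f"{{{SAML}}}{tag}"


def _iso(when):
    return when.strftime("%Y-%m-%dT%H:%M:%SZ")   # timestamps assumed to be UTC


def issue_authz_assertion(issuer, subject, domain, action, resource, evidence_ref,
                          now, ttl_seconds=300):
    """Issuer side: 'subject S may perform A on R, given evidence E', wrapped in an
    Assertion that carries an ID, the Subject (name + domain) and validity Conditions."""
    a = ET.Element(_s("Assertion"), MajorVersion="1", MinorVersion="0",
                   AssertionID=uuid.uuid4().hex, Issuer=issuer, IssueInstant=_iso(now))
    ET.SubElement(a, _s("Conditions"), NotBefore=_iso(now),
                  NotOnOrAfter=_iso(now + dt.timedelta(seconds=ttl_seconds)))
    st = ET.SubElement(a, _s("AuthorizationDecisionStatement"), Resource=resource,
                       Decision="Permit")
    subj = ET.SubElement(st, _s("Subject"))
    ET.SubElement(subj, _s("NameIdentifier"), NameQualifier=domain).text = subject
    ET.SubElement(st, _s("Action"), Namespace=ACTION_NS).text = action
    ET.SubElement(ET.SubElement(st, _s("Evidence")), _s("AssertionIDReference")).text = evidence_ref
    return ET.tostring(a, encoding="unicode")


class AssertionConsumer:
    """Relying party. Besides verifying the issuer's signature (omitted here), it must
    enforce the Conditions window, match the decision to the request actually being made,
    and refuse to honour the same AssertionID twice."""

    def __init__(self, trusted_issuers):
        self.trusted = set(trusted_issuers)
        self.seen_ids = set()

    def decide(self, assertion_xml, subject, action, resource, now):
        a = ET.fromstring(assertion_xml)
        if a.get("Issuer") not in self.trusted:
            return False, "untrusted issuer"
        aid = a.get("AssertionID")
        if aid in self.seen_ids:
            return False, "replayed assertion"
        cond = a.find(_s("Conditions"))
        # Timestamps in one fixed ISO format compare correctly as strings.
        if cond is None or not (cond.get("NotBefore") <= _iso(now) < cond.get("NotOnOrAfter")):
            return False, "outside validity window"
        st = a.find(_s("AuthorizationDecisionStatement"))
        if st is None or st.get("Decision") != "Permit":
            return False, "no Permit decision"
        if st.get("Resource") != resource or st.findtext(_s("Action")) != action:
            return False, "decision is for a different action/resource"
        if st.findtext(f"{_s('Subject')}/{_s('NameIdentifier')}") != subject:
            return False, "decision is for a different subject"
        self.seen_ids.add(aid)
        return True, aid
```

The consumer keeps the assertion IDs it has already honoured, so a captured assertion presented a second time is refused even while its validity window is still open, and a decision about one subject, action or resource is never reused for another.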


SAML Implementations

• JSAML – a toolkit by Netegrity (http://www.netegrity.com/)
• JSR 155 (Java Community Process)

XML Access Control Markup Language

Purpose:
• XACML defines a vocabulary for making authorization rules

Features:
• A defined vocabulary for expressing authorization rules
• A defined vocabulary for expressing conditions for rules
• Rule combination and evaluation
• Policies which apply rules to subjects

XML Access Control Markup Language

Key Concepts:
• Compatibility with SAML (same subject/action definitions)
• Rules are defined as targets, effects and conditions
  – Target – includes resources, subjects, and actions
  – Effect – Permit or Deny
  – Conditions – predicates defined in XACML
• Policy – a collection of rules, and obligations (actions performed on authorization)

XACML – Example

<Rule RuleId="//medico.com/rules/rule3" Effect="Permit">
  <Target>
    <Subjects>
      <saml:Attribute AttributeName="RFC822Name" AttributeNamespace="//medico.com">
        <saml:AttributeValue>*</saml:AttributeValue>
      </saml:Attribute>
    </Subjects>
    <Resources>
      <saml:Attribute AttributeName="documentURI" AttributeNamespace="//medico.com">
        <saml:AttributeValue>//medico.com/records.*</saml:AttributeValue>
      </saml:Attribute>
    </Resources>
    <Actions>
      <saml:Action>read</saml:Action>
    </Actions>
  </Target>
  <Condition>
    <Equal>
      <AttributeDesignator AttributeName="urn:oasis:names:tc:xacml:identifiers:AccessSubject"/>
      <AttributeDesignator AttributeName="patientName"/>
    </Equal>
  </Condition>
</Rule>
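As an added example (not code from the slides), the following Python is a miniature policy decision point built from the key concepts on the previous slide: a Rule has a Target (subjects, resources, actions), an Effect and a Condition that is only evaluated once the Target matches; a Policy combines its rules and attaches obligations to the decision. The example rule encodes rule3 above (anyone may read //medico.com/records.* provided the accessing subject is the patient named in the record). The companion Deny rule, the obligation name, the request attribute keys and the deny-overrides combining are assumptions for the demonstration.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Request:
    subject: dict    # subject attributes, e.g. {"RFC822Name": ..., "AccessSubject": ...}
    resource: dict   # resource attributes, e.g. {"documentURI": ..., "patientName": ...}
    action: str


@dataclass
class Rule:
    rule_id: str
    effect: str                   # "Permit" or "Deny"
    subjects: str = ".*"          # Target: regex over the subject's RFC822Name
    resources: str = ".*"         # Target: regex over the resource's documentURI
    actions: tuple = (".*",)      # Target: regexes over the action
    condition: callable = None    # predicate over the Request, checked only if the Target matches

    def target_matches(self, req):
        return (re.fullmatch(self.subjects, req.subject.get("RFC822Name", "")) is not None
                and re.fullmatch(self.resources, req.resource.get("documentURI", "")) is not None
                and any(re.fullmatch(a, req.action) for a in self.actions))

    def evaluate(self, req):
        # A rule whose Target does not match, or whose Condition is false, is NotApplicable.
        if not self.target_matches(req):
            return "NotApplicable"
        if self.condition is not None and not self.condition(req):
            return "NotApplicable"
        return self.effect


@dataclass
class Policy:
    rules: list
    combining: str = "deny-overrides"                 # or "first-applicable"
    obligations: dict = field(default_factory=dict)   # decision -> obligations to perform

    def decide(self, req):
        """Returns (decision, obligations). Decision is Permit, Deny or NotApplicable."""
        results = [rule.evaluate(req) for rule in self.rules]
        if self.combining == "first-applicable":
            decision = next((r for r in results if r != "NotApplicable"), "NotApplicable")
        else:   # deny-overrides: a single Deny wins over any number of Permits
            if "Deny" in results:
                decision = "Deny"
            elif "Permit" in results:
                decision = "Permit"
            else:
                decision = "NotApplicable"
        return decision, list(self.obligations.get(decision, []))


# rule3 from the slide: any subject, resources //medico.com/records.*, action read,
# on condition that the accessing subject equals the record's patientName.
RULE3 = Rule("//medico.com/rules/rule3", "Permit",
             subjects=".*", resources="//medico.com/records.*", actions=("read",),
             condition=lambda r: r.subject.get("AccessSubject") == r.resource.get("patientName"))

# Constructed companion rule so the combining algorithm has something to combine.
DENY_WRITES = Rule("//medico.com/rules/deny-writes", "Deny", actions=("write",))

# Constructed policy: records may be read by their own patient, and that access is logged.
POLICY = Policy([DENY_WRITES, RULE3], obligations={"Permit": ["log-record-access"]})
```

A read of a patient's own record is permitted with the logging obligation attached; a read of someone else's record is NotApplicable because the Condition is false even though the Target matches; and a write is denied regardless, since deny-overrides lets the Deny rule win.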

XML Security Applications

WS Security
• Web Services rely on XML protocol messages to link applications across enterprises and platforms
• Securing those inter-connections is essential
• Microsoft and IBM released a Web Services Security architecture
• The goal: define a uniform, flexible, and extensible security framework for Web Services

WS Security

Terminology:
• Web service
• Security Token
• Signed Security Token
• Claims
• Subject
• Proof-of-Possession
• Web Service Endpoint Policy
• Intermediaries
• Actor

WS Security

Web Services Security Model Principles:
• End-to-end security

Initial Specifications:
• WS Security – describes the attachment of signatures and encryption headers to SOAP messages
• WS Policy – describes capabilities and limitations of endpoints and intermediaries
• WS Trust – a framework for trust models in which services can interoperate
• WS Privacy – describes how subjects will declare privacy preferences

WS Security

Follow-On Specifications:
• WS SecureConversation – describes how to dynamically establish trusted connections
• WS Federation – describes how to manage relationships in a federated environment
• WS Authorization – describes how authorization data is managed

WS Security – Example

<?xml version="1.0" encoding="utf-8"?>
<S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope"
            xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <S:Header>
    <!-- WS-Security specific information here -->
    <wsse:BinarySecurityToken xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"
                              Id="myToken" ValueType="wsse:X509v3" EncodingType="wsse:Base64Binary">
      MIIEZzCCA9CgAwIBAgIQEmtJZc0...
    </wsse:BinarySecurityToken>
    <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
      <ds:Signature>
        <!-- XML Digital Signature on the MsgBody below to provide payload integrity -->
      </ds:Signature>
    </wsse:Security>
  </S:Header>
  <!-- the Id provides a simple way for the security part of the header to refer to the body -->
  <S:Body Id="MsgBody">
    <tru:StockSymbol xmlns:tru="http://fabrikam123.com/payloads">QQQ</tru:StockSymbol>
  </S:Body>
</S:Envelope>

Platform For Privacy Preferences

Purpose:
• Control access to personal information
• Prevent misuse of personal information
• Lets users control what information to distribute
• Saves the user the bother of reading the policies

P3P – Platform for Privacy Preferences

Features:
• An XML vocabulary for defining user’s/site’s privacy preferences
  – Defines who collects the data
  – For what purpose the data is being used
  – Who can access the data
  – Etc.
• A tool for retrieving policies easily
• Transparency – the user does not have to look for the policies

Page 43 of 50

P3P Client Implementations

Idcide Privacy Companion
  Browser plug-in
  Allows the user to set a privacy level, and warns when it's reached
  Keeps a tracking history
  [figure: TrustMeter]

YOUpowered Orby Privacy Plus
  A toolbar on the desktop
  Basically does the same
  www.youpowered.com

Page 44 of 50

P3P Policy Generators

IBM P3P Policy Editor
  Allows websites to create policies in P3P and English
  http://www.alphaworks.ibm.com/tech/p3peditor
PrivacyBot.com
  An online interface for creating policies.
YOUpowered Consumer Trust Policy Manager Wizard
  http://www.youpowered.com/

Page 45 of 50

P3P Enabled Websites

www.aol.com, www.att.com, www.cdt.org, www.engage.com, www.hp.com, www.ibm.com, www.idcide.com,
www.microsoft.com, www.pg.com, www.ttuhsc.edu, www.youpowered.com, www.vineyard.net, www.w3.org, www.whitehouse.gov

Page 46 of 50

Digital Rights Management

Purpose:
  Control the use of content according to a license
  Keep this control after content is copied/moved
  Allow interoperability among content viewers
Features:
  XrML defines a framework for expressing: Rights, Definitions, Rules

Page 47 of 50

XrML – eXtensible rights Markup Language

Key Concepts:
  Principal – a unique, authenticated individual
  Resource – an object (e.g. a movie, a book)
  Right – an action a principal can perform on a resource
  Grant – a right of a principal to use a resource
  Condition – terms which must be met to execute a grant
  License – a collection of grants, along with the issuer's info
XrML uses XML to define grants and provide extensibility
XrML takes advantage of XML Signatures for signing licenses

Page 48 of 50

XrML - Example

<license xmlns:dsig='http://www.w3.org/2000/09/xmldsig#'>
  <!-- cx: and sx: prefix declarations are omitted on the slide -->
  <inventory>
    <!-- PRINCIPAL specified by public key here -->
    <keyHolder licensePartId="issuedToParty">
      <info>
        <dsig:KeyValue> specify public key </dsig:KeyValue>
      </info>
    </keyHolder>
    <!-- RESOURCE specified by URI -->
    <cx:digitalWork licensePartId="eBook">
      <cx:locator>
        <nonSecureIndirect URI="http://www.contentguard.com/sampleBook.spd" />
      </cx:locator>
    </cx:digitalWork>
  </inventory>
  <!-- collection of GRANTs including general conditions on all -->
  <grantGroup>
    <keyHolder licensePartIdRef="issuedToParty" />
    <sx:fee> information about the fee, including type, amount, currency, etc </sx:fee>
    <grant>
      <!-- RIGHT to play, for the validity interval of 1 year (CONDITION) -->
      <cx:play />
      <cx:digitalWork licensePartIdRef="eBook" />
      <sx:validityIntervalFloating> validity interval, possibly unique identifier </sx:validityIntervalFloating>
    </grant>
  </grantGroup>
  <issuer>
    <dsig:Signature> XML Digital Signature of issuer of license </dsig:Signature>
    <details>
      <timeOfIssue>2001-11-15T04:03:02</timeOfIssue>
    </details>
  </issuer>
</license>
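The Python below is an added illustration (not the slide's or XrML's own code) of how the key concepts of the previous slide fit together in a license shaped like the example above: it resolves the grantGroup's keyHolder and the grant's digitalWork through the inventory's licensePartId references and evaluates a validity-interval condition before granting the right. The license text, the key strings, the cx:/sx: namespace URIs and the validityInterval/notBefore/notAfter element names are assumptions, and the issuer signature is assumed to have been verified first.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

DSIG = "http://www.w3.org/2000/09/xmldsig#"
CX = "urn:example:xrml-cx"   # placeholder URIs: the slide declares no cx:/sx: namespaces
SX = "urn:example:xrml-sx"

# Constructed license in the slide's layout. The condition uses assumed element
# names (validityInterval/notBefore/notAfter) where the slide only has prose.
LICENSE = f"""<license xmlns:dsig="{DSIG}" xmlns:cx="{CX}" xmlns:sx="{SX}">
  <inventory>
    <keyHolder licensePartId="issuedToParty"><info><dsig:KeyValue>KEY-ALICE</dsig:KeyValue></info></keyHolder>
    <cx:digitalWork licensePartId="eBook"/>
  </inventory>
  <grantGroup>
    <keyHolder licensePartIdRef="issuedToParty"/>
    <grant>
      <cx:play/>
      <cx:digitalWork licensePartIdRef="eBook"/>
      <sx:validityInterval><sx:notBefore>2001-11-15T00:00:00</sx:notBefore><sx:notAfter>2002-11-15T00:00:00</sx:notAfter></sx:validityInterval>
    </grant>
  </grantGroup>
  <issuer><dsig:Signature>issuer signature (verify before evaluating)</dsig:Signature></issuer>
</license>"""


def license_permits(license_xml, key, right, resource, at_iso):
    """True if some grant lets the principal holding `key` exercise `right`
    on `resource` at ISO time `at_iso`; assumes the issuer signature was verified."""
    root = ET.fromstring(license_xml)
    at = datetime.fromisoformat(at_iso)
    parts = {el.get("licensePartId"): el for el in root.iter() if el.get("licensePartId")}
    for group in root.iter("grantGroup"):
        ref = group.find("keyHolder")
        holder = parts.get(ref.get("licensePartIdRef")) if ref is not None else None
        if holder is None or holder.findtext(f".//{{{DSIG}}}KeyValue") != key:
            continue                                # group issued to another principal
        for grant in group.iter("grant"):
            rights = {c.tag.rsplit("}", 1)[-1] for c in grant}
            work = grant.find(f"{{{CX}}}digitalWork")
            if right not in rights or work is None or work.get("licensePartIdRef") != resource:
                continue                            # wrong right or wrong resource
            interval = grant.find(f"{{{SX}}}validityInterval")
            if interval is not None:
                start = datetime.fromisoformat(interval.findtext(f"{{{SX}}}notBefore"))
                end = datetime.fromisoformat(interval.findtext(f"{{{SX}}}notAfter"))
                if not start <= at <= end:
                    continue                        # condition not met at this time
            return True
    return False
```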

Page 49 of 50

XML Security - Conclusion

Using all of the described tools, XML Security provides a secure environment in which users and Web Services communicate and interact.

The basis of all these tools is XML Digital Signatures and XML Encryption.

Page 50 of 50

Bibliography

XML, SOAP, XML Digital Signatures, XML Encryption, XKMS, P3P
  http://www.w3.org/XML/
  http://www.w3.org/2000/xp/Group/
  http://www.w3.org/Signature/
  http://www.w3.org/Encryption/2001/
  http://www.w3.org/2001/XKMS/
  http://www.w3.org/P3P/
XACML
  www.oasis-open.org/committees/xacml/
SAML
  www.oasis-open.org/committees/security
  www.simc-inc.org/archive0002/February02/devwed1015_rouault.pdf
WS Security
  www.alphaworks.ibm.com/developerworks/security/library/ws-secmap/