SlideShare uma empresa Scribd logo

Identity, Security and XML Web Services

Transferir como PPT, PDF
Jorgen Thelin
Jorgen Thelin

The use of security credentials and concepts of single-sign-on and “identity” play a big part in Web Services as developers start writing enterprise-grade line-of-business applications. An overview is provided of the emerging XML security credential standards such as SAML, along with various “identity” standards such as Passport and Liberty. We examine how “identity aware” Web Service implementations need to be, and the value a Web Services platform can add in reducing complexity in this area, with lessons drawn from experiences using J2EE technology for real-world security scenarios.

Tecnologia
1 de 34
Identity, Security and XML Web Services Jorgen Thelin Chief Scientist Cape Clear Software Inc. E-mail: Jorgen.Thelin@CapeClear.com
Abstract ,[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cape Clear Software Inc. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Definition of Identity ,[object Object],[object Object],[object Object],[object Object],[object Object]
What is Identity? ,[object Object],[object Object],[object Object],[object Object]
Identity – Who are you? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identity – Proof of identity ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identity – Permissions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identity – Permissions and Credentials ,[object Object],[object Object],[object Object],[object Object],[object Object]
Web Services and Identity ,[object Object],[object Object],[object Object],[object Object]
Web Services and Identity 2 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
End-to-end Security Credentials Client WS Broker WS Gateway WS Gateway Firewall Firewall Firewall Firewall EJB Public Internet XML security credentials “ The Last Mile” Web Service CORBA
Interoperable Security Credentials ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WS-Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WS-Security - Types of Security Tokens ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Typical XML Security Dialogue – Non Self-Validating Credentials Need to query the security service to validate the credentials
Typical XML Security Dialogue – Self Validating Credentials No need to query the security service to validate the credentials. Usually done by the security authority digitally signing the credentials.
SAML v1.0 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SAML Assertion Types ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Username Token in WS-Security SOAP Header ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Binary X509 Certificate in WS-Security SOAP Header ,[object Object]
A SAML Assertion in WS-Security SOAP Header ,[object Object]
Single-sign-on Services ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Liberty Alliance ,[object Object],[object Object],[object Object],[object Object],[object Object]
Microsoft .NET Passport ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Need for a Sign-on Standard – WS-Trust ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WS-I Basic Security Profile ,[object Object],[object Object],[object Object]
Identity-awareness in Web Services ,[object Object],[object Object],[object Object]
Identity-awareness in Web Services - 2 ,[object Object],[object Object]
Identity-awareness in Web Services - 3 ,[object Object],[object Object]
Desired Web Services platform security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object],[object Object],[object Object]
Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recomendados

Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'
Oliver Pfaff
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular js
Bixlabs
 
All About SSL/TLS
All About SSL/TLSAll About SSL/TLS
All About SSL/TLS
RapidSSLOnline.com
 
SAML 101
SAML 101SAML 101
SAML 101
Echoworx
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloud
Nagraj Rao
 
LASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthLASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. Oauth
Mike Schwartz
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partners
Corey Roth
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0
Mika Koivisto
 

Recomendados

Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'
Oliver Pfaff
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular js
Bixlabs
 
All About SSL/TLS
All About SSL/TLSAll About SSL/TLS
All About SSL/TLS
RapidSSLOnline.com
 
SAML 101
SAML 101SAML 101
SAML 101
Echoworx
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloud
Nagraj Rao
 
LASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthLASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. Oauth
Mike Schwartz
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partners
Corey Roth
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0
Mika Koivisto
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
CloudIDSummit
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
Saran Doraiswamy
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
Sylvain Maret
 
Thawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustThawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for Trust
RapidSSLOnline.com
 
Authentication Concepts
Authentication ConceptsAuthentication Concepts
Authentication Concepts
Charles Southerland
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
Danny Jessee
 
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
Shreeraj Shah
 
Cloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialCloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony Financial
VMware Tanzu
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
Danny Jessee
 
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0
Vladimir Dzhuvinov
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010
Shreeraj Shah
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring Security
Orest Ivasiv
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
Michael Noel
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossAS
Roger CARHUATOCTO
 
RESTful Day 5
RESTful Day 5RESTful Day 5
RESTful Day 5
Akhil Mittal
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 
Access management
Access managementAccess management
Access management
Venkatesh Jambulingam
 
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Shreeraj Shah
 
Web-services
Web-services Web-services
Web-services
webhostingguy
 
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Jorgen Thelin
 

Mais conteúdo relacionado

Mais procurados

Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
Shreeraj Shah
 
Cloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialCloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony Financial
VMware Tanzu
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
Michael Noel
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossAS
Roger CARHUATOCTO
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 

Mais procurados (20)

Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
 
Thawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustThawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for Trust
 
Authentication Concepts
Authentication ConceptsAuthentication Concepts
Authentication Concepts
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
 
Cloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialCloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony Financial
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring Security
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossAS
 
RESTful Day 5
RESTful Day 5RESTful Day 5
RESTful Day 5
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
 
Access management
Access managementAccess management
Access management
 
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
 

Semelhante a Identity, Security and XML Web Services

Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Jorgen Thelin
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
Oliver Pfaff
 
Website Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website SafeWebsite Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website Safe
Pixlogix Infotech
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
Martin Georgiev
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
Martin Georgiev
 

Semelhante a Identity, Security and XML Web Services (20)

Web-services
Web-services Web-services
Web-services
 
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
 
SSL Certificate: Stamp of Web Security
SSL Certificate: Stamp of Web SecuritySSL Certificate: Stamp of Web Security
SSL Certificate: Stamp of Web Security
 
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL CertificateA Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
 
Lotusphere 2011 SHOW104
Lotusphere 2011 SHOW104Lotusphere 2011 SHOW104
Lotusphere 2011 SHOW104
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Understanding The World Of SSL Certificates.pdf
Understanding The World Of SSL Certificates.pdfUnderstanding The World Of SSL Certificates.pdf
Understanding The World Of SSL Certificates.pdf
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
 
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
 
Website Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website SafeWebsite Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website Safe
 
What is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfWhat is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdf
 
Types of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business NeedTypes of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business Need
 
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commerce
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
 
Shmat ccs12
Shmat ccs12Shmat ccs12
Shmat ccs12
 
Vps server 14
Vps server 14Vps server 14
Vps server 14
 

Mais de Jorgen Thelin

Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011
Jorgen Thelin
 
The New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRLThe New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRL
Jorgen Thelin
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
Jorgen Thelin
 
WS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process OverviewWS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process Overview
Jorgen Thelin
 
Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)
Jorgen Thelin
 
Web Services Discovery for Devices
Web Services Discovery for DevicesWeb Services Discovery for Devices
Web Services Discovery for Devices
Jorgen Thelin
 
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Jorgen Thelin
 
Making Sense Of Web Services
Making Sense Of Web ServicesMaking Sense Of Web Services
Making Sense Of Web Services
Jorgen Thelin
 
Interoperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) OverviewInteroperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) Overview
Jorgen Thelin
 
Real World Business Interoperability
Real World Business InteroperabilityReal World Business Interoperability
Real World Business Interoperability
Jorgen Thelin
 
Achieving Interoperability Through Web Services
Achieving Interoperability Through Web ServicesAchieving Interoperability Through Web Services
Achieving Interoperability Through Web Services
Jorgen Thelin
 
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Jorgen Thelin
 
Web Service Oriented Architecture
Web Service Oriented ArchitectureWeb Service Oriented Architecture
Web Service Oriented Architecture
Jorgen Thelin
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services Container
Jorgen Thelin
 

Mais de Jorgen Thelin (20)

The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected Car
 
Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011
 
Identity Services Drilldown - TechEd NA 2009
Identity Services Drilldown - TechEd NA 2009Identity Services Drilldown - TechEd NA 2009
Identity Services Drilldown - TechEd NA 2009
 
Protecting Online Identities - MIX09
Protecting Online Identities - MIX09Protecting Online Identities - MIX09
Protecting Online Identities - MIX09
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
 
The New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRLThe New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRL
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
 
WS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process OverviewWS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process Overview
 
Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)
 
Web Services Discovery for Devices
Web Services Discovery for DevicesWeb Services Discovery for Devices
Web Services Discovery for Devices
 
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
 
Making Sense Of Web Services
Making Sense Of Web ServicesMaking Sense Of Web Services
Making Sense Of Web Services
 
Interoperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) OverviewInteroperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) Overview
 
Real World Business Interoperability
Real World Business InteroperabilityReal World Business Interoperability
Real World Business Interoperability
 
Achieving Interoperability Through Web Services
Achieving Interoperability Through Web ServicesAchieving Interoperability Through Web Services
Achieving Interoperability Through Web Services
 
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
 
Web Services Security Tutorial
Web Services Security TutorialWeb Services Security Tutorial
Web Services Security Tutorial
 
Web Service Oriented Architecture
Web Service Oriented ArchitectureWeb Service Oriented Architecture
Web Service Oriented Architecture
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services Container
 
Server Farms and XML Web Services
Server Farms and XML Web ServicesServer Farms and XML Web Services
Server Farms and XML Web Services
 

Último

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Último (20)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Identity, Security and XML Web Services

  • 1. Identity, Security and XML Web Services Jorgen Thelin Chief Scientist Cape Clear Software Inc. E-mail: Jorgen.Thelin@CapeClear.com
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13. End-to-end Security Credentials Client WS Broker WS Gateway WS Gateway Firewall Firewall Firewall Firewall EJB Public Internet XML security credentials “ The Last Mile” Web Service CORBA
  • 14.
  • 15.
  • 16.
  • 17. Typical XML Security Dialogue – Non Self-Validating Credentials Need to query the security service to validate the credentials
  • 18. Typical XML Security Dialogue – Self Validating Credentials No need to query the security service to validate the credentials. Usually done by the security authority digitally signing the credentials.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.