SlideShare uma empresa Scribd logo

A Framework for Obligation Fulfillment in REST Services

R
ruyalarcon

WS-REST 2011. Second International Workshop on RESTful Design. Chairs: Cesare Pautasso, Erik Wilde, Rosa Alarcon. <br> Security Session. John Field, Stephen Graham and Tom Maguire

1 de 24
Baixar para ler offline
A Framework for Obligation Fulfillment in REST Services WS-REST 2011 John Field Senior Technologist EMC Office of the CTO Joint work with Steven Graham and Tom Maguire © Copyright 2011 EMC Corporation. All rights reserved. 1
Agenda   Introduction –  Motivating Use Case   Modeling Obligations –  Definitions, Architectural Roles   Extending Spring Security –  Design and Implementation   Obligation Design Patterns –  Metadata, Compatibility with REST Constraints   Obligation-enhanced Operations –  Development, Test, Deployment.   Conclusion –  Q&A, and Open Discussion © Copyright 2011 EMC Corporation. All rights reserved. 2
What is an Obligation?   An Obligation is an expression of non-functional or cross-cutting requirements –  The scope of which transcends any specific service… –  …But for which the service bears an enforcement responsibility.   Example: The regulatory requirements imposed upon processing of Electronic Health Records (EHR). © Copyright 2011 EMC Corporation. All rights reserved. 3
A Motivating Use Case: E-Health Records   Example: –  “A patient’s records may be released to a 3rd party, but only on a secure channel, and in a redacted form, and only with an appropriate notification to the parent or guardian within 24 hours”.   The implied requirements go beyond a simple “Permit” or “Deny” authorization decision, and include: –  Privacy/Redaction –  Records Retention –  Patient and/or guardian notifications –  Complex conditional authorization rules –  Etc. © Copyright 2011 EMC Corporation. All rights reserved. 4
A Motivating Use Case: E-Health Records of requirements are also subject to   These types change, and may not even be known until deployment time. –  Making design, development, and product roadmap planning even more difficult.   Developers need a way to satisfy these requirements, while avoiding tangling the non-functional and cross- cutting GRC code into their core service logic. –  Question: Can we help by creating an appropriate developer framework?   Finally, note that use cases like this create challenges for many different stakeholders, not just developers: –  Product Managers –  Security Administrators –  Auditors © Copyright 2011 EMC Corporation. All rights reserved. 5
Modeling Obligations   Obligations can be modeled as an extension to the classical conceptual model used for security enforcement. Policy Policy Administration Decision Point Point Policy Enforcement Point © Copyright 2011 EMC Corporation. All rights reserved. 6
Conceptual Model for Obligations 4.  Policy Request Policy 5.  Policy Response Policy Administration Decision Point Point 3.  Decision Request 1.  Define Policy w/Obligations 6.  Decision Semantic Response Contract …with Obligations Policy 7.  Enforce Enforcement Decision, Point and Fulfill 2.  Request Resource 8.  Return Resource Obligations Representation © Copyright 2011 EMC Corporation. All rights reserved. 7
Conceptual Model for Obligations Policy Policy Administration Decision Point Point   The PAP defines the Obligations.   The PEP fulfills the Obligations. Policy   The PDP is a trusted intermediary. Enforcement Point   Instantiates the obligation assertions,   Does not otherwise interpret or enforce the obligation.   Obligations extend the interface contract between the PDP and the PEP, and the semantic contract between the PEP and the PAP. © Copyright 2011 EMC Corporation. All rights reserved. 8
A Standardized Model for Obligations   The OASIS XACML Technical Committee has defined a standard conceptual model for obligations. –  Boolean response + Obligation URN + attribute metadata. –  …unordered collection of strongly typed attributes, with values associated at runtime.   Permit…but do urn:emc:cto:obl:poc:1 with attributes   Deny…and do urn:emc:cto:obl:poc:2 with attributes   Our implementation was inspired by the XACML core standard, but is not a complete implementation.   Our design choices were driven by the desire to support REST developers who are already using a services framework such as Apache CXF or Spring MVC, along with Spring Security. © Copyright 2011 EMC Corporation. All rights reserved. 9
Developer Enablement via the Spring Framework   Effective use of obligations requires support via a developer framework. –  Framework-based enforcement ensures appropriate:   Separation of concerns in the Java code   Separation of skills and responsibilities between application development and application deployment.   The Spring Framework is the de facto standard for Java developers –  Thus, we explored what could be done to provide support for obligations via Spring Security. © Copyright 2011 EMC Corporation. All rights reserved. 10
Extending Spring Security   Spring Security’s features are extensible through the use of dependency injection. –  We designed and implemented the new obligation- aware components, and then configured these using DI.   The new components are designed to co-exist with the installed base. –  But to ensure that fulfillment occurs, deployers must be sure to configure the obligation-aware components first. © Copyright 2011 EMC Corporation. All rights reserved. 11
Servlet  Container     Delega�ngFilterProxy   Other  Servlet  Filters         …                       …   Spring  IoC  Container   © Copyright 2011 EMC Corporation. All rights reserved. 12
Inside the Spring Security Filter Other     Servlet     Filters   Chain Security   Authent-­‐   Session   Author-­‐   Context   ica�on   Management   iza�on   Persistence   Allowed Denied Securit Authen�ca�on   Access y ROLE_XXX   Decision Contex Manager t © Copyright 2011 EMC Corporation. All rights reserved. 13
Supporting Obligations in Other     Servlet     Filters   Spring Security Obliga�on   Fulfillers   Security   Obliga�on   Authent-­‐   Session   Author-­‐   Obliga�on   Context   Enhanced   ica�on   Management   iza�on   Fulfiller   Persistence   Security   Filter   Context   Persistence   Allowed Allowed, but… Obligatio Denied Obligatio Securit n Pa PiP n Access Denied and… y Enhanced Authen�ca�on   PiP Enhanced Decision Contex Security ROLE_XXX   P Access Manager t Context PiP Obliga�ons   Decision PiP   PiP Fulfiller   PiP PiP Manager Registry   © Copyright 2011 EMC Corporation. All rights reserved. 14
What about Obligations related Other     X   Servlet     Filters   to “Access Denied”? Obliga�on   Fulfillers   Security   Obliga�on   Authent-­‐   Session   Author-­‐   Deny   Obliga�on   Context   Enhanced   ica�on   Management   Obliga�on   Fulfiller   iza�on   Persistence   Security   Fulfiller   Filter   Context   Filter   Persistence   Obliga�on   Fulfillers   Obligatio Obligatio Securit n n Pa PiP Access y Enhanced Authen�ca�on   PiP Enhanced Decision Contex Security ROLE_XXX   P Access Manager t Context PiP Obliga�ons   Decision PiP   PiP Fulfiller   PiP   PiP Fulfiller   PiP PiP Manager Registry   Registry   © Copyright 2011 EMC Corporation. All rights reserved. 15
General Obligation Design Pattern Q: When should software designers use obligations? A: When there is a requirement for a supplementary policy enforcement action that is: –  Application-centric, but not application-specific. –  The supplementary enforcement is concurrent with the processing of a specific user transaction. –  Enforcement action may be independent of the outcome of the user transaction. –  Enforcement requirement specified at deployment time.   Requirement may not yet be known at application design time © Copyright 2011 EMC Corporation. All rights reserved. 16
Metadata for Obligations Representing and Managing both the Implict and Explicit Properties   No standards exist for the metadata properties that characterize the obligation behaviors.   Our analysis led to the following table: Obl. Obl. Directly Directly Fires Before Fires After Side Synchro- Category Type Modifies Modifies Resource Resource Effects? nized* Request? Response? Access? Access? GRC Policy No No Yes No Yes. No Mgmt PAP updated Security, Audit No No No Yes Yes. No SIEM Logging Logs updated SLA Resource No Yes No Yes None No Mgmt *Synchronized before response sent to client? © Copyright 2011 EMC Corporation. All rights reserved. 17
Obligation Management Consistent with REST   Obligations must themselves be considered REST resources. –  They are addressable, cacheable, resources.   The linked data representation of the obligation should include –  Implicit metadata properties, as described above –  Explicit relationships with other resources, i.e. a type, such as a Patient application or record.   The obligation management system must exhibit the appropriate emergent properties: –  Loose coupling through the uniform interface, scalability, visibility © Copyright 2011 EMC Corporation. All rights reserved. 18
Compatibility With HATEOAS Constraint   Obligations can have a direct impact on the resource representation that is delivered to the client. –  The client may or may not be made aware that obligation fulfillment has occurred.   Either scenario can maintain complete adherence to the HATEOAS constraint. –  The representation must contain a consistent metadata set, via appropriate links, and media types. –  i.e. one could represent the required fulfillments through the use of specific media types   Content-Type, maybe Accept headers. © Copyright 2011 EMC Corporation. All rights reserved. 19
Compatibility with the Layered System Constraint   Our current prototype is based upon an in-process model. –  Targeted to the installed base of Java + Spring Framework developers.   One can also envision other fulfillment models.   The layered system and uniform interface constraints of REST ensure that clients and servers may rely upon arbitrary intermediaries to provide fulfillment. –  This approach may have advantages when in-process fulfillment is not convenient or achievable.   An out-of-process fulfillment option again highlights the importance of defining obligations as addressable resources –  As the intermediary may be a shared component supporting more than one administrative domain, i.e. in a Cloud Service. © Copyright 2011 EMC Corporation. All rights reserved. 20
Obligation-enhanced Development Application Deployment Developer Engineer design/code/ test/deploy Production test/release GRC Admin Security … Admin Auditor - Add GRC obligations - Tailor fulfillers - Add security obligations - Test - Tailor fulfillers - Test - Validate compliance via tool GRC Obligation - Compare to best practices Packages Security - Monitor regulatory changes Repository Obligation Packages Repository Obligation Developer Industry Standard Obligation - Build new obligation fulfillers Packages Repository - Tailor existing obligation fulfillers © Copyright 2011 EMC Corporation. All rights reserved. 21
Operational Benefits of Obligations   For the developer –  obligations provide a consistent and standardizable mechanism to enable injection of application-centric GRC controls at design, development or deployment time.   For the security admin –  obligations provide a mechanism to enable applications to effectively leverage an existing XACML-based enterprise entitlement management infrastructure.   For the deployment engineer –  obligations can also be used to customize a generic application in support of specific corporate policies.   including adjustments required for different localities or geographies.   For the auditor –  obligations are an effective way to factor and package the code that implements any application-independent or well-known controls. © Copyright 2011 EMC Corporation. All rights reserved. 22
Q&A © Copyright 2011 EMC Corporation. All rights reserved. 23
THANK YOU © Copyright 2011 EMC Corporation. All rights reserved. 24

Recomendados

Sim Energy Brochure Carbon Management
Sim Energy Brochure Carbon ManagementSim Energy Brochure Carbon Management
Sim Energy Brochure Carbon Management
Andy_Watson_Sim
 
Heizer om10 ch11_s-outsourching
Heizer om10 ch11_s-outsourchingHeizer om10 ch11_s-outsourching
Heizer om10 ch11_s-outsourching
Rozaimi Mohd Saad
 
6th Wave member Trento Health & Well Being Territorial Lab
6th Wave member Trento Health & Well Being Territorial Lab6th Wave member Trento Health & Well Being Territorial Lab
6th Wave member Trento Health & Well Being Territorial Lab
European Network of Living Labs (ENoLL)
 
Final boma may 2012 renewable energy and environmental(1)
Final boma may 2012 renewable energy and environmental(1)Final boma may 2012 renewable energy and environmental(1)
Final boma may 2012 renewable energy and environmental(1)
The Entech Group, Inc.
 
BPO Philippines
BPO PhilippinesBPO Philippines
BPO Philippines
cyap09
 
Effective simplicity rotterdam
Effective simplicity rotterdamEffective simplicity rotterdam
Effective simplicity rotterdam
saskiamenkel
 
Fcc Resultados 2009 I
Fcc Resultados 2009 IFcc Resultados 2009 I
Fcc Resultados 2009 I
Naoll MARY
 
M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...
M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...
M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...
MER Conference
 

Recomendados

Sim Energy Brochure Carbon Management
Sim Energy Brochure Carbon ManagementSim Energy Brochure Carbon Management
Sim Energy Brochure Carbon Management
Andy_Watson_Sim
 
Heizer om10 ch11_s-outsourching
Heizer om10 ch11_s-outsourchingHeizer om10 ch11_s-outsourching
Heizer om10 ch11_s-outsourching
Rozaimi Mohd Saad
 
6th Wave member Trento Health & Well Being Territorial Lab
6th Wave member Trento Health & Well Being Territorial Lab6th Wave member Trento Health & Well Being Territorial Lab
6th Wave member Trento Health & Well Being Territorial Lab
European Network of Living Labs (ENoLL)
 
Final boma may 2012 renewable energy and environmental(1)
Final boma may 2012 renewable energy and environmental(1)Final boma may 2012 renewable energy and environmental(1)
Final boma may 2012 renewable energy and environmental(1)
The Entech Group, Inc.
 
BPO Philippines
BPO PhilippinesBPO Philippines
BPO Philippines
cyap09
 
Effective simplicity rotterdam
Effective simplicity rotterdamEffective simplicity rotterdam
Effective simplicity rotterdam
saskiamenkel
 
Fcc Resultados 2009 I
Fcc Resultados 2009 IFcc Resultados 2009 I
Fcc Resultados 2009 I
Naoll MARY
 
M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...
M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...
M12S05 - CASE STUDY: Leveraging Content Analytics to Kick-Start your Informat...
MER Conference
 
EEI 2009
EEI 2009EEI 2009
EEI 2009
guestbc185a
 
Optimization -continuous ux improvement (1-7-13)
Optimization -continuous ux improvement (1-7-13)Optimization -continuous ux improvement (1-7-13)
Optimization -continuous ux improvement (1-7-13)
Debra Martin, PMP
 
Heizer om10 ch16-jit and lean operations
Heizer om10 ch16-jit and lean operationsHeizer om10 ch16-jit and lean operations
Heizer om10 ch16-jit and lean operations
Rozaimi Mohd Saad
 
Anglo American 2012 SRI Analyst Presentation
Anglo American 2012 SRI Analyst PresentationAnglo American 2012 SRI Analyst Presentation
Anglo American 2012 SRI Analyst Presentation
Anglo American
 
Carlsberg lessons learned from re-tendering an international infrastructure ...
Carlsberg lessons learned from re-tendering an international infrastructure ...Carlsberg lessons learned from re-tendering an international infrastructure ...
Carlsberg lessons learned from re-tendering an international infrastructure ...
IFCLA - International Federation of Computer Law Associations
 
Generic work description
Generic work descriptionGeneric work description
Generic work description
Tapio Meskanen
 
Flevy.com - Finance and Valuation Basics
Flevy.com - Finance and Valuation BasicsFlevy.com - Finance and Valuation Basics
Flevy.com - Finance and Valuation Basics
David Tracy
 
Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...
Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...
Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...
innoforum09
 
Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...
Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...
Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...
Institut Lean France
 
Heizer om10 ch02
Heizer om10 ch02Heizer om10 ch02
Heizer om10 ch02
Rozaimi Mohd Saad
 
Cdp nordic-260-climate-change-report-2012
Cdp nordic-260-climate-change-report-2012Cdp nordic-260-climate-change-report-2012
Cdp nordic-260-climate-change-report-2012
Agency of Industrial Marketing
 
E Services Forum Exec Sum Jan 2011
E Services Forum Exec Sum Jan 2011E Services Forum Exec Sum Jan 2011
E Services Forum Exec Sum Jan 2011
Ian McKenna
 
Sustainable Infrastructure
Sustainable InfrastructureSustainable Infrastructure
Sustainable Infrastructure
State of Utah, Salt Lake City
 
IMUNOXY2003
IMUNOXY2003IMUNOXY2003
IMUNOXY2003
Web Seo Indonesia
 
format transaksi kabel pulsa
format transaksi kabel pulsaformat transaksi kabel pulsa
format transaksi kabel pulsa
Web Seo Indonesia
 
14. internet video 2011-яковлев
14. internet video 2011-яковлев14. internet video 2011-яковлев
14. internet video 2011-яковлев
Aleksey Naumkin
 
Inkscape
InkscapeInkscape
Inkscape
Mary Kso
 
Planability ETI short exhibition contractorss
Planability ETI short exhibition contractorssPlanability ETI short exhibition contractorss
Planability ETI short exhibition contractorss
PlanabilityETI
 
2016 Conduit Program
2016 Conduit Program2016 Conduit Program
2016 Conduit Program
STC-Philadelphia Metro Chapter
 
Data center dynamics ver. 1.0
Data center dynamics ver. 1.0Data center dynamics ver. 1.0
Data center dynamics ver. 1.0
Hajime Arimoto
 
Tameer monday 23 feb 2015
Tameer monday 23 feb 2015Tameer monday 23 feb 2015
Tameer monday 23 feb 2015
Khurram Ahmad
 
Work Samples
Work SamplesWork Samples
Work Samples
EggersP
 

Mais conteúdo relacionado

Mais procurados

Optimization -continuous ux improvement (1-7-13)
Optimization -continuous ux improvement (1-7-13)Optimization -continuous ux improvement (1-7-13)
Optimization -continuous ux improvement (1-7-13)
Debra Martin, PMP
 
Heizer om10 ch16-jit and lean operations
Heizer om10 ch16-jit and lean operationsHeizer om10 ch16-jit and lean operations
Heizer om10 ch16-jit and lean operations
Rozaimi Mohd Saad
 

Mais procurados (13)

EEI 2009
EEI 2009EEI 2009
EEI 2009
 
Optimization -continuous ux improvement (1-7-13)
Optimization -continuous ux improvement (1-7-13)Optimization -continuous ux improvement (1-7-13)
Optimization -continuous ux improvement (1-7-13)
 
Heizer om10 ch16-jit and lean operations
Heizer om10 ch16-jit and lean operationsHeizer om10 ch16-jit and lean operations
Heizer om10 ch16-jit and lean operations
 
Anglo American 2012 SRI Analyst Presentation
Anglo American 2012 SRI Analyst PresentationAnglo American 2012 SRI Analyst Presentation
Anglo American 2012 SRI Analyst Presentation
 
Carlsberg lessons learned from re-tendering an international infrastructure ...
Carlsberg lessons learned from re-tendering an international infrastructure ...Carlsberg lessons learned from re-tendering an international infrastructure ...
Carlsberg lessons learned from re-tendering an international infrastructure ...
 
Generic work description
Generic work descriptionGeneric work description
Generic work description
 
Flevy.com - Finance and Valuation Basics
Flevy.com - Finance and Valuation BasicsFlevy.com - Finance and Valuation Basics
Flevy.com - Finance and Valuation Basics
 
Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...
Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...
Jan Duffy - UK/Canada: L'esperienza degli Shared Services Centers in UK e in ...
 
Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...
Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...
Lessons in Enterprise Architecture and IT Service Management by Charles Betz,...
 
Heizer om10 ch02
Heizer om10 ch02Heizer om10 ch02
Heizer om10 ch02
 
Cdp nordic-260-climate-change-report-2012
Cdp nordic-260-climate-change-report-2012Cdp nordic-260-climate-change-report-2012
Cdp nordic-260-climate-change-report-2012
 
E Services Forum Exec Sum Jan 2011
E Services Forum Exec Sum Jan 2011E Services Forum Exec Sum Jan 2011
E Services Forum Exec Sum Jan 2011
 
Sustainable Infrastructure
Sustainable InfrastructureSustainable Infrastructure
Sustainable Infrastructure
 

Destaque

format transaksi kabel pulsa
format transaksi kabel pulsaformat transaksi kabel pulsa
format transaksi kabel pulsa
Web Seo Indonesia
 
14. internet video 2011-яковлев
14. internet video 2011-яковлев14. internet video 2011-яковлев
14. internet video 2011-яковлев
Aleksey Naumkin
 
Planability ETI short exhibition contractorss
Planability ETI short exhibition contractorssPlanability ETI short exhibition contractorss
Planability ETI short exhibition contractorss
PlanabilityETI
 
Work Samples
Work SamplesWork Samples
Work Samples
EggersP
 
Clipping Little PRP 21/11/11 @ IED Barcelona
Clipping Little PRP 21/11/11 @ IED BarcelonaClipping Little PRP 21/11/11 @ IED Barcelona
Clipping Little PRP 21/11/11 @ IED Barcelona
IED Barcelona
 
22. вымпелком анатолий сморгонский
22. вымпелком анатолий сморгонский22. вымпелком анатолий сморгонский
22. вымпелком анатолий сморгонский
Aleksey Naumkin
 
Thorcha march11 (1)
Thorcha march11 (1)Thorcha march11 (1)
Thorcha march11 (1)
Nijaz Asnar
 
презентация1
презентация1презентация1
презентация1
xxxnmxxx
 

Destaque (20)

IMUNOXY2003
IMUNOXY2003IMUNOXY2003
IMUNOXY2003
 
format transaksi kabel pulsa
format transaksi kabel pulsaformat transaksi kabel pulsa
format transaksi kabel pulsa
 
14. internet video 2011-яковлев
14. internet video 2011-яковлев14. internet video 2011-яковлев
14. internet video 2011-яковлев
 
Inkscape
InkscapeInkscape
Inkscape
 
Planability ETI short exhibition contractorss
Planability ETI short exhibition contractorssPlanability ETI short exhibition contractorss
Planability ETI short exhibition contractorss
 
2016 Conduit Program
2016 Conduit Program2016 Conduit Program
2016 Conduit Program
 
Data center dynamics ver. 1.0
Data center dynamics ver. 1.0Data center dynamics ver. 1.0
Data center dynamics ver. 1.0
 
Tameer monday 23 feb 2015
Tameer monday 23 feb 2015Tameer monday 23 feb 2015
Tameer monday 23 feb 2015
 
Work Samples
Work SamplesWork Samples
Work Samples
 
Clipping Little PRP 21/11/11 @ IED Barcelona
Clipping Little PRP 21/11/11 @ IED BarcelonaClipping Little PRP 21/11/11 @ IED Barcelona
Clipping Little PRP 21/11/11 @ IED Barcelona
 
Today's Learning and Technology – How Technology is changing the way people t...
Today's Learning and Technology – How Technology is changing the way people t...Today's Learning and Technology – How Technology is changing the way people t...
Today's Learning and Technology – How Technology is changing the way people t...
 
22. вымпелком анатолий сморгонский
22. вымпелком анатолий сморгонский22. вымпелком анатолий сморгонский
22. вымпелком анатолий сморгонский
 
Thorcha march11 (1)
Thorcha march11 (1)Thorcha march11 (1)
Thorcha march11 (1)
 
Industrial Summer Training for MCA/BCA/BE/B-Tech Students
Industrial Summer Training for MCA/BCA/BE/B-Tech StudentsIndustrial Summer Training for MCA/BCA/BE/B-Tech Students
Industrial Summer Training for MCA/BCA/BE/B-Tech Students
 
Mi mascota
Mi mascotaMi mascota
Mi mascota
 
In what ways does your media product use question 1
In what ways does your media product use question 1In what ways does your media product use question 1
In what ways does your media product use question 1
 
Gospelwork
GospelworkGospelwork
Gospelwork
 
8. vgtrk доклад
8. vgtrk доклад8. vgtrk доклад
8. vgtrk доклад
 
Aloha Design Portfolio
Aloha Design PortfolioAloha Design Portfolio
Aloha Design Portfolio
 
презентация1
презентация1презентация1
презентация1
 

Semelhante a A Framework for Obligation Fulfillment in REST Services

Ibm puresystems deck for tcs abhed_11102012
Ibm puresystems deck for tcs abhed_11102012Ibm puresystems deck for tcs abhed_11102012
Ibm puresystems deck for tcs abhed_11102012
abhedk
 
Infrastructure Finance Fundamentals (ADN Capital Ventures)
Infrastructure Finance Fundamentals (ADN Capital Ventures)Infrastructure Finance Fundamentals (ADN Capital Ventures)
Infrastructure Finance Fundamentals (ADN Capital Ventures)
Adam Nicolopoulos
 
OpenERP - Healthcare Industry, Valuedecision
OpenERP - Healthcare Industry, ValuedecisionOpenERP - Healthcare Industry, Valuedecision
OpenERP - Healthcare Industry, Valuedecision
Odoo
 

Semelhante a A Framework for Obligation Fulfillment in REST Services (20)

Introduction to the Decision Model - Larry Goldberg
Introduction to the Decision Model - Larry GoldbergIntroduction to the Decision Model - Larry Goldberg
Introduction to the Decision Model - Larry Goldberg
 
How to Build Decision Management Systems Part 2 Decision services
How to Build Decision Management Systems Part 2 Decision servicesHow to Build Decision Management Systems Part 2 Decision services
How to Build Decision Management Systems Part 2 Decision services
 
Taxonomy Change Management
Taxonomy Change ManagementTaxonomy Change Management
Taxonomy Change Management
 
Brainstorm - Smarter Simpler More Agile Processes
Brainstorm - Smarter Simpler More Agile ProcessesBrainstorm - Smarter Simpler More Agile Processes
Brainstorm - Smarter Simpler More Agile Processes
 
Enhancing learning transfer in the workplace
Enhancing learning transfer in the workplaceEnhancing learning transfer in the workplace
Enhancing learning transfer in the workplace
 
2.0 Adoption in the Enterprise - The Before
2.0 Adoption in the Enterprise - The Before2.0 Adoption in the Enterprise - The Before
2.0 Adoption in the Enterprise - The Before
 
2.0 Adoption in the Enterprise - The Before
2.0 Adoption in the Enterprise - The Before2.0 Adoption in the Enterprise - The Before
2.0 Adoption in the Enterprise - The Before
 
Heizer om10 ch07_s-capacity
Heizer om10 ch07_s-capacityHeizer om10 ch07_s-capacity
Heizer om10 ch07_s-capacity
 
Ibm puresystems deck for tcs abhed_11102012
Ibm puresystems deck for tcs abhed_11102012Ibm puresystems deck for tcs abhed_11102012
Ibm puresystems deck for tcs abhed_11102012
 
Chapter 11
Chapter 11Chapter 11
Chapter 11
 
Infrastructure Finance Fundamentals (ADN Capital Ventures)
Infrastructure Finance Fundamentals (ADN Capital Ventures)Infrastructure Finance Fundamentals (ADN Capital Ventures)
Infrastructure Finance Fundamentals (ADN Capital Ventures)
 
Course on Regulation and Sustainable Energy in Developing Countries - Session 9
Course on Regulation and Sustainable Energy in Developing Countries - Session 9Course on Regulation and Sustainable Energy in Developing Countries - Session 9
Course on Regulation and Sustainable Energy in Developing Countries - Session 9
 
Julian fenwick presentation
Julian fenwick presentationJulian fenwick presentation
Julian fenwick presentation
 
Tim Bates Mba Technology Conference 2007 Data Mining Presentation
Tim Bates Mba Technology Conference 2007 Data Mining PresentationTim Bates Mba Technology Conference 2007 Data Mining Presentation
Tim Bates Mba Technology Conference 2007 Data Mining Presentation
 
Regaining control of your pensions scheme conference
Regaining control of your pensions scheme conferenceRegaining control of your pensions scheme conference
Regaining control of your pensions scheme conference
 
Physician Practice Review Benchmarking
Physician Practice Review BenchmarkingPhysician Practice Review Benchmarking
Physician Practice Review Benchmarking
 
NCUA Board of Directors Policies
NCUA Board of Directors PoliciesNCUA Board of Directors Policies
NCUA Board of Directors Policies
 
OpenERP - Healthcare Industry, Valuedecision
OpenERP - Healthcare Industry, ValuedecisionOpenERP - Healthcare Industry, Valuedecision
OpenERP - Healthcare Industry, Valuedecision
 
The Proven Path to Supply Chain Cost Savings
The Proven Path to Supply Chain Cost SavingsThe Proven Path to Supply Chain Cost Savings
The Proven Path to Supply Chain Cost Savings
 
Week 2: ERP and shared services
Week 2: ERP and shared servicesWeek 2: ERP and shared services
Week 2: ERP and shared services
 

Mais de ruyalarcon

Mais de ruyalarcon (12)

Wsrest13 gilherme keynote
Wsrest13 gilherme keynoteWsrest13 gilherme keynote
Wsrest13 gilherme keynote
 
A Framework for Self-descriptive RESTful Services
A Framework for Self-descriptive RESTful ServicesA Framework for Self-descriptive RESTful Services
A Framework for Self-descriptive RESTful Services
 
Distributed affordance: An Open-World Assumption for Hypermedia
Distributed affordance: An Open-World Assumption for HypermediaDistributed affordance: An Open-World Assumption for Hypermedia
Distributed affordance: An Open-World Assumption for Hypermedia
 
Teaching Old Services New Tricks: Adding HATEOAS Support as an Afterthought
Teaching Old Services New Tricks: Adding HATEOAS Support as an AfterthoughtTeaching Old Services New Tricks: Adding HATEOAS Support as an Afterthought
Teaching Old Services New Tricks: Adding HATEOAS Support as an Afterthought
 
Modeling RESTful applications
Modeling RESTful applicationsModeling RESTful applications
Modeling RESTful applications
 
A Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise ApplicationsA Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise Applications
 
XML Technologies for RESTful Services Development
XML Technologies for RESTful Services DevelopmentXML Technologies for RESTful Services Development
XML Technologies for RESTful Services Development
 
RestFS: Resources and Services are Filesystems, Too
RestFS: Resources and Services are Filesystems, TooRestFS: Resources and Services are Filesystems, Too
RestFS: Resources and Services are Filesystems, Too
 
Hecate, Managing Authorization with RESTful XML
Hecate, Managing Authorization with RESTful XMLHecate, Managing Authorization with RESTful XML
Hecate, Managing Authorization with RESTful XML
 
REST and Linked Data: a match made for domain driven development?
REST and Linked Data: a match made for domain driven development?REST and Linked Data: a match made for domain driven development?
REST and Linked Data: a match made for domain driven development?
 
S1 intro
S1 introS1 intro
S1 intro
 
Fulfilling the Hypermedia Constraint via HTTP OPTIONS, The HTTP Vocabulary In...
Fulfilling the Hypermedia Constraint via HTTP OPTIONS, The HTTP Vocabulary In...Fulfilling the Hypermedia Constraint via HTTP OPTIONS, The HTTP Vocabulary In...
Fulfilling the Hypermedia Constraint via HTTP OPTIONS, The HTTP Vocabulary In...
 

A Framework for Obligation Fulfillment in REST Services

  • 1. A Framework for Obligation Fulfillment in REST Services WS-REST 2011 John Field Senior Technologist EMC Office of the CTO Joint work with Steven Graham and Tom Maguire © Copyright 2011 EMC Corporation. All rights reserved. 1
  • 2. Agenda   Introduction –  Motivating Use Case   Modeling Obligations –  Definitions, Architectural Roles   Extending Spring Security –  Design and Implementation   Obligation Design Patterns –  Metadata, Compatibility with REST Constraints   Obligation-enhanced Operations –  Development, Test, Deployment.   Conclusion –  Q&A, and Open Discussion © Copyright 2011 EMC Corporation. All rights reserved. 2
  • 3. What is an Obligation?   An Obligation is an expression of non-functional or cross-cutting requirements –  The scope of which transcends any specific service… –  …But for which the service bears an enforcement responsibility.   Example: The regulatory requirements imposed upon processing of Electronic Health Records (EHR). © Copyright 2011 EMC Corporation. All rights reserved. 3
  • 4. A Motivating Use Case: E-Health Records   Example: –  “A patient’s records may be released to a 3rd party, but only on a secure channel, and in a redacted form, and only with an appropriate notification to the parent or guardian within 24 hours”.   The implied requirements go beyond a simple “Permit” or “Deny” authorization decision, and include: –  Privacy/Redaction –  Records Retention –  Patient and/or guardian notifications –  Complex conditional authorization rules –  Etc. © Copyright 2011 EMC Corporation. All rights reserved. 4
  • 5. A Motivating Use Case: E-Health Records of requirements are also subject to   These types change, and may not even be known until deployment time. –  Making design, development, and product roadmap planning even more difficult.   Developers need a way to satisfy these requirements, while avoiding tangling the non-functional and cross- cutting GRC code into their core service logic. –  Question: Can we help by creating an appropriate developer framework?   Finally, note that use cases like this create challenges for many different stakeholders, not just developers: –  Product Managers –  Security Administrators –  Auditors © Copyright 2011 EMC Corporation. All rights reserved. 5
  • 6. Modeling Obligations   Obligations can be modeled as an extension to the classical conceptual model used for security enforcement. Policy Policy Administration Decision Point Point Policy Enforcement Point © Copyright 2011 EMC Corporation. All rights reserved. 6
  • 7. Conceptual Model for Obligations 4.  Policy Request Policy 5.  Policy Response Policy Administration Decision Point Point 3.  Decision Request 1.  Define Policy w/Obligations 6.  Decision Semantic Response Contract …with Obligations Policy 7.  Enforce Enforcement Decision, Point and Fulfill 2.  Request Resource 8.  Return Resource Obligations Representation © Copyright 2011 EMC Corporation. All rights reserved. 7
  • 8. Conceptual Model for Obligations Policy Policy Administration Decision Point Point   The PAP defines the Obligations.   The PEP fulfills the Obligations. Policy   The PDP is a trusted intermediary. Enforcement Point   Instantiates the obligation assertions,   Does not otherwise interpret or enforce the obligation.   Obligations extend the interface contract between the PDP and the PEP, and the semantic contract between the PEP and the PAP. © Copyright 2011 EMC Corporation. All rights reserved. 8
  • 9. A Standardized Model for Obligations   The OASIS XACML Technical Committee has defined a standard conceptual model for obligations. –  Boolean response + Obligation URN + attribute metadata. –  …unordered collection of strongly typed attributes, with values associated at runtime.   Permit…but do urn:emc:cto:obl:poc:1 with attributes   Deny…and do urn:emc:cto:obl:poc:2 with attributes   Our implementation was inspired by the XACML core standard, but is not a complete implementation.   Our design choices were driven by the desire to support REST developers who are already using a services framework such as Apache CXF or Spring MVC, along with Spring Security. © Copyright 2011 EMC Corporation. All rights reserved. 9
  • 10. Developer Enablement via the Spring Framework   Effective use of obligations requires support via a developer framework. –  Framework-based enforcement ensures appropriate:   Separation of concerns in the Java code   Separation of skills and responsibilities between application development and application deployment.   The Spring Framework is the de facto standard for Java developers –  Thus, we explored what could be done to provide support for obligations via Spring Security. © Copyright 2011 EMC Corporation. All rights reserved. 10
  • 11. Extending Spring Security   Spring Security’s features are extensible through the use of dependency injection. –  We designed and implemented the new obligation- aware components, and then configured these using DI.   The new components are designed to co-exist with the installed base. –  But to ensure that fulfillment occurs, deployers must be sure to configure the obligation-aware components first. © Copyright 2011 EMC Corporation. All rights reserved. 11
  • 12. Servlet  Container     Delega�ngFilterProxy   Other  Servlet  Filters         …                       …   Spring  IoC  Container   © Copyright 2011 EMC Corporation. All rights reserved. 12
  • 13. Inside the Spring Security Filter Other     Servlet     Filters   Chain Security   Authent-­‐   Session   Author-­‐   Context   ica�on   Management   iza�on   Persistence   Allowed Denied Securit Authen�ca�on   Access y ROLE_XXX   Decision Contex Manager t © Copyright 2011 EMC Corporation. All rights reserved. 13
  • 14. Supporting Obligations in Other     Servlet     Filters   Spring Security Obliga�on   Fulfillers   Security   Obliga�on   Authent-­‐   Session   Author-­‐   Obliga�on   Context   Enhanced   ica�on   Management   iza�on   Fulfiller   Persistence   Security   Filter   Context   Persistence   Allowed Allowed, but… Obligatio Denied Obligatio Securit n Pa PiP n Access Denied and… y Enhanced Authen�ca�on   PiP Enhanced Decision Contex Security ROLE_XXX   P Access Manager t Context PiP Obliga�ons   Decision PiP   PiP Fulfiller   PiP PiP Manager Registry   © Copyright 2011 EMC Corporation. All rights reserved. 14
  • 15. What about Obligations related Other     X   Servlet     Filters   to “Access Denied”? Obliga�on   Fulfillers   Security   Obliga�on   Authent-­‐   Session   Author-­‐   Deny   Obliga�on   Context   Enhanced   ica�on   Management   Obliga�on   Fulfiller   iza�on   Persistence   Security   Fulfiller   Filter   Context   Filter   Persistence   Obliga�on   Fulfillers   Obligatio Obligatio Securit n n Pa PiP Access y Enhanced Authen�ca�on   PiP Enhanced Decision Contex Security ROLE_XXX   P Access Manager t Context PiP Obliga�ons   Decision PiP   PiP Fulfiller   PiP   PiP Fulfiller   PiP PiP Manager Registry   Registry   © Copyright 2011 EMC Corporation. All rights reserved. 15
  • 16. General Obligation Design Pattern Q: When should software designers use obligations? A: When there is a requirement for a supplementary policy enforcement action that is: –  Application-centric, but not application-specific. –  The supplementary enforcement is concurrent with the processing of a specific user transaction. –  Enforcement action may be independent of the outcome of the user transaction. –  Enforcement requirement specified at deployment time.   Requirement may not yet be known at application design time © Copyright 2011 EMC Corporation. All rights reserved. 16
  • 17. Metadata for Obligations Representing and Managing both the Implict and Explicit Properties   No standards exist for the metadata properties that characterize the obligation behaviors.   Our analysis led to the following table: Obl. Obl. Directly Directly Fires Before Fires After Side Synchro- Category Type Modifies Modifies Resource Resource Effects? nized* Request? Response? Access? Access? GRC Policy No No Yes No Yes. No Mgmt PAP updated Security, Audit No No No Yes Yes. No SIEM Logging Logs updated SLA Resource No Yes No Yes None No Mgmt *Synchronized before response sent to client? © Copyright 2011 EMC Corporation. All rights reserved. 17
  • 18. Obligation Management Consistent with REST   Obligations must themselves be considered REST resources. –  They are addressable, cacheable, resources.   The linked data representation of the obligation should include –  Implicit metadata properties, as described above –  Explicit relationships with other resources, i.e. a type, such as a Patient application or record.   The obligation management system must exhibit the appropriate emergent properties: –  Loose coupling through the uniform interface, scalability, visibility © Copyright 2011 EMC Corporation. All rights reserved. 18
  • 19. Compatibility With HATEOAS Constraint   Obligations can have a direct impact on the resource representation that is delivered to the client. –  The client may or may not be made aware that obligation fulfillment has occurred.   Either scenario can maintain complete adherence to the HATEOAS constraint. –  The representation must contain a consistent metadata set, via appropriate links, and media types. –  i.e. one could represent the required fulfillments through the use of specific media types   Content-Type, maybe Accept headers. © Copyright 2011 EMC Corporation. All rights reserved. 19
  • 20. Compatibility with the Layered System Constraint   Our current prototype is based upon an in-process model. –  Targeted to the installed base of Java + Spring Framework developers.   One can also envision other fulfillment models.   The layered system and uniform interface constraints of REST ensure that clients and servers may rely upon arbitrary intermediaries to provide fulfillment. –  This approach may have advantages when in-process fulfillment is not convenient or achievable.   An out-of-process fulfillment option again highlights the importance of defining obligations as addressable resources –  As the intermediary may be a shared component supporting more than one administrative domain, i.e. in a Cloud Service. © Copyright 2011 EMC Corporation. All rights reserved. 20
  • 21. Obligation-enhanced Development Application Deployment Developer Engineer design/code/ test/deploy Production test/release GRC Admin Security … Admin Auditor - Add GRC obligations - Tailor fulfillers - Add security obligations - Test - Tailor fulfillers - Test - Validate compliance via tool GRC Obligation - Compare to best practices Packages Security - Monitor regulatory changes Repository Obligation Packages Repository Obligation Developer Industry Standard Obligation - Build new obligation fulfillers Packages Repository - Tailor existing obligation fulfillers © Copyright 2011 EMC Corporation. All rights reserved. 21
  • 22. Operational Benefits of Obligations   For the developer –  obligations provide a consistent and standardizable mechanism to enable injection of application-centric GRC controls at design, development or deployment time.   For the security admin –  obligations provide a mechanism to enable applications to effectively leverage an existing XACML-based enterprise entitlement management infrastructure.   For the deployment engineer –  obligations can also be used to customize a generic application in support of specific corporate policies.   including adjustments required for different localities or geographies.   For the auditor –  obligations are an effective way to factor and package the code that implements any application-independent or well-known controls. © Copyright 2011 EMC Corporation. All rights reserved. 22
  • 23. Q&A © Copyright 2011 EMC Corporation. All rights reserved. 23
  • 24. THANK YOU © Copyright 2011 EMC Corporation. All rights reserved. 24