You live in a certified house,
you drive a certified car,
why would you use an uncertified service?

Ernesto Damiani
Università degli Studi di Milano
ernesto.damiani@unimi.it

•   SAP
•   Università degli Studi di Milano
•   Engineering Ingegneria Informatica
•   SIT - Fraunhofer Institute
•   City University of London
•   University of Malaga
•   Fondazione Ugo Bordoni
Talk outline

● ASSERT4SOA in a nutshell
● Ongoing work, open problems, and (hopefully) some sharable ideas
● Next Exit: The Future

Doctoral School – Security Patterns for ITC Infrastructures, March-April 2011
Motivation (I)
● Emerging paradigms like Cloud and SaaS are reviving
  the notion of an open service ecosystem
   • Toward service virtualization: the invocation paradigm is no
     longer an issue; security and reliability are more of an issue than ever.
   • Toward service communities: no single open-to-all service
     registry, but several large ones managed by cloud providers
     and/or communities
● This ongoing evolution of SOA requires re-thinking of
  testing and verification methodologies.
● Our two foundational ideas:
   • Make documentation of assurance available at run time, to
     increase users' confidence and to enable assurance-aware service
     composition
   • Sign such documentation. Certification can play a role in
     establishing a trust model suitable for service ecosystems
Modified Trust

● Modified trust model of software assurance
  documentation with certification
Motivation (II)

● Existing certification techniques and protocols are not
  suitable for services
   • Defined for traditional monolithic software components
   • Provide the engineers in charge of software procurement with
     human-readable evidence signed by a trusted third party

● Service-oriented certification techniques and protocols
   • Require dynamic and machine-readable certificates
   • Should be integrated in run-time service selection and
     composition processes
ASSERT4SOA GOALS

● Produce novel techniques and tools for
  expressing, assessing and certifying security
  properties for complex service-oriented
  applications

● Integrate certification in the SOA lifecycle

● Extend SOA infrastructure for certificate-based
  selection and comparison of services
ASSERT4SOA Vision

[Figure, two panels: "Current Situation" (left) and "ASSERT4SOA vision" (right).
 Legend: Existing Component vs. ASSERT Component; Digital World vs. Physical World.]

Current Situation (existing components only):
  1. Register: the Service registers with Service Discovery
  2. Lookup: the Service Consumer, holding its Requested Assurance Properties, looks the service up
  3. Interact: the Service Consumer and the Service interact
  Certification Schemes and Certifiers (CC, SAS70, SOA specific, ...) belong to the physical world, apart from the discovery flow.

ASSERT4SOA vision (ASSERT components added):
  0. Deliver ASSERT: an ASSERT Accredited Authority, applying a Certification Scheme (CC, SAS70, SOA specific, ...), delivers an ASSERT certificate to the Service
  1. Register: the Service registers with an ASSERT-aware Service Discovery
  2. Lookup: the Service Consumer submits its Requested Assurance Properties to the Certificate Administration Point
  3. Evaluate properties: the ASSERT Certificate Decision Point evaluates the services' ASSERTs against the requested properties
  4. Interact: the Service Consumer interacts with the selected Service
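At the consumer side, the vision above comes down to two checks on the ASSERT a service registered: it must carry a signature from an accredited authority over exactly the body received, and it must still be valid. The Go program below is an added example written for this page, not ASSERT4SOA project code; the `Assert` field names, the authority identifier `accredited-authority-1` and the service URL `https://service.example.com/payments` are assumptions, and signing the certificate's JSON encoding with Ed25519 is one reasonable choice, not the project's format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Assert is a hypothetical machine-readable assurance certificate; the field
// names are assumptions made for this example, not the ASSERT4SOA schema.
type Assert struct {
	Subject    string            `json:"subject"`    // identifier of the certified service
	Property   string            `json:"property"`   // abstract security property
	Attributes map[string]string `json:"attributes"` // concrete mechanism attributes
	Class      string            `json:"class"`      // evidence-, model- or ontology-based
	Issuer     string            `json:"issuer"`     // accredited authority that signed it
	NotAfter   time.Time         `json:"not_after"`  // end of validity
}

// SignedAssert is the certificate body plus the authority's signature over its
// JSON encoding. encoding/json writes struct fields in declaration order and
// sorts map keys, so the same body always produces the same signed bytes.
type SignedAssert struct {
	Body      Assert `json:"body"`
	Signature []byte `json:"signature"`
}

// Issue is step "0. Deliver ASSERT": the accredited authority signs the body.
func Issue(priv ed25519.PrivateKey, body Assert) (SignedAssert, error) {
	msg, err := json.Marshal(body)
	if err != nil {
		return SignedAssert{}, err
	}
	return SignedAssert{Body: body, Signature: ed25519.Sign(priv, msg)}, nil
}

// Verify is what a consumer-side decision point does at lookup time: the issuer
// must be a known accredited authority, the signature must cover exactly the
// body that was received, and the certificate must still be within validity.
func Verify(trusted map[string]ed25519.PublicKey, sa SignedAssert, now time.Time) error {
	pub, ok := trusted[sa.Body.Issuer]
	if !ok {
		return errors.New("issuer is not an accredited authority")
	}
	msg, err := json.Marshal(sa.Body)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, msg, sa.Signature) {
		return errors.New("signature does not verify: body altered or wrong issuer key")
	}
	if now.After(sa.Body.NotAfter) {
		return errors.New("certificate has expired")
	}
	return nil
}

// Exchange runs a constructed case and returns the verification outcome for
// (1) the genuine ASSERT, (2) a copy whose subject a registry rewrote after
// issuance, and (3) the genuine ASSERT checked two years later.
func Exchange() (genuine, tampered, expired error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	trusted := map[string]ed25519.PublicKey{"accredited-authority-1": pub}
	issued := time.Date(2011, time.March, 1, 0, 0, 0, 0, time.UTC)
	body := Assert{
		Subject:    "https://service.example.com/payments", // constructed identifier
		Property:   "confidentiality",
		Attributes: map[string]string{"algorithm": "AES", "key_length": "128", "adversary": "passive"},
		Class:      "evidence-based",
		Issuer:     "accredited-authority-1",
		NotAfter:   issued.AddDate(1, 0, 0),
	}
	sa, err := Issue(priv, body)
	if err != nil {
		panic(err)
	}
	genuine = Verify(trusted, sa, issued)

	// A registry re-binds the certificate to another service. Strings are copied
	// by value, so the original SignedAssert is untouched.
	forged := sa
	forged.Body.Subject = "https://other.example.com/payments"
	tampered = Verify(trusted, forged, issued)

	expired = Verify(trusted, sa, issued.AddDate(2, 0, 0))
	return genuine, tampered, expired
}

func main() {
	g, t, e := Exchange()
	fmt.Println("genuine:", g, "| tampered:", t, "| expired:", e)
}
```

The genuine certificate verifies; the copy whose subject a registry rewrote fails the signature check, because the signature covers the whole body and re-binding a certificate to another service changes it; the same certificate checked two years later is rejected as expired. A real decision point would additionally need a revocation mechanism, which this example leaves out.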
ASSERT4SOA Certification Classes
● Evidence-based certification provides proofs, grounded in
  evidence, that a test carried out on the software has given a
  certain result, which in turn shows (perhaps with a certain
  level of uncertainty) that a given property holds for that
  software

● Model-based certification provides formal proofs that
  an abstract model (e.g., a set of logic formulas, or a formal
  computational model such as a finite state automaton)
  representing a software system satisfies a given property

● Ontology-based certification provides a way to issue
  an ASSERT4SOA certificate starting from the existing
  certificates of a given software product (e.g., Common Criteria)
ASSERT4SOA Certification

[Figure: the ASSERT Accredited Authority issues the ASSERT; the Service Consumer's
 Requested Assurance Properties go through the Certificate Administration Point to the
 ASSERT Certificate Decision Point; the ASSERT-aware Service Discovery holds the
 registered ASSERTs; a Certificate Evaluation Point, with reasoners over Models,
 Evidence and an Ontology (one per certification class), performs the evaluation.]
Ongoing work, open problems
and (hopefully) sharable ideas

What shall we certify?

● Security properties (a.k.a. generic security
  requirements) for the service under
  evaluation (e.g., Confidentiality, Integrity,
  Authenticity)
  • Maybe reliability and dependability as well
● Need a top ontology of such properties
  • Coordinated effort with Ed Fernandez's NSF
    project on reliability
Linking security properties to security mechanisms

● Problem 1: abstract security properties are mostly
  expressed as requirements at service (or container)
  design time
   • Links to service features and mechanisms are seldom specified
   • No SLA-style metadata exists for run-time negotiation of security or
     reliability features
Linking security properties to security mechanisms

• An idea: an ontology of concrete properties, i.e. abstract
  properties enriched with a set of "class attributes": test
  generation or a formal model of the security mechanisms,
  the adversarial model, etc.
• The domain of each attribute has a partial or total order
  relationship, so that a certified value can be compared with
  a requested one
• Example: confidentiality property on service
  requests/responses, with a given cipher and key length (e.g.,
  AES with a 128-bit key); adversarial model: can read the channel.
• Concrete properties are testable or verifiable at the
  service or container level.
Mapping property certificates to services

● Problem 2: security mechanisms are not in a one-to-one
  relationship with service endpoints
   • Current security standards are usually implemented at container
     level (e.g., Rampart, the WS-Security module of Axis2)
   • Individual services may have their own implementations, to be
     used in addition or as an alternative to container-level
     mechanisms
   • Moreover, services are not even in a one-to-one relationship with
     their endpoints (especially on the cloud, see later)
SOME SHARABLE IDEAS
● Testing and formal methods for certified WS security
   • With classic WS security standards and patterns as building blocks,
     develop assurance mechanisms supporting the certification of basic
     security properties for individual Web services and for service containers.
     Such assurance mechanisms can be based on (model-based) security
     testing and on formal methods.
● Run-time selection of secure services
   • Replacing the traditional "red line" between the caller (e.g., a BPEL
     engine) and the callee with a mechanism capable of checking customized
     assurance policies, we can support different isolation and protection
     mechanisms.
   • Also, we can select accountability and recovery mechanisms at run time.
● Models and techniques for building end-to-end certified business
  processes
   • Generally speaking, security properties of individual services cannot be
     used to infer security properties of a composition they take part in. However,
     such an inference can sometimes be drawn when the composition topology is
     known a priori (e.g., it is a simple orchestration).
   • We will investigate a set of domain-specific cases involving different
     components at different abstraction layers (ranging from secure file
     systems to financial information control), where it is possible to link
     everything together and use certified services to build end-to-end certified
     processes.
Architectural challenges

● WITHIN ASSERT4SOA
  • Extend current SOA infrastructure with security certificates
  • Provide a mechanism for run-time certificate matching that
    evaluates whether the assurance level provided by a service's certificate
    is compatible with the client's preferences
● OTHER SHARABLE IDEAS
  • Use certificate matching to enforce customized assurance
    policies, e.g. supporting different isolation and protection
    mechanisms for processes.
  • Use certificate matching to select accountability and recovery
    mechanisms at run time
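Certificate matching over ordered attribute domains, as an added example that is not part of the original slides. It takes the concrete-property idea from "Linking security properties to security mechanisms" (class attributes whose domains carry a partial or total order) and uses it for the run-time certificate matching named under "WITHIN ASSERT4SOA": a request is satisfied by a certificate when, for every attribute the request names, the certified value is at least as strong under that attribute's order. The orders themselves (DES below 3DES below AES, numeric key length, a passive adversary below an active one), the attribute names and the service names `svc-a` to `svc-c` are assumptions made for the example, not an ontology defined by the project.

```go
package main

import (
	"fmt"
	"strconv"
)

// Order is the ordering of one attribute domain: Leq(a, b) holds when value a
// offers at most the assurance of value b; incomparable pairs yield false.
type Order interface{ Leq(a, b string) bool }

// RankOrder is a total order listed from weakest to strongest.
type RankOrder []string

func (r RankOrder) Leq(a, b string) bool {
	ia, ib := -1, -1
	for i, v := range r {
		if v == a {
			ia = i
		}
		if v == b {
			ib = i
		}
	}
	return ia >= 0 && ib >= 0 && ia <= ib
}

// NumericOrder compares integer-valued attributes such as key lengths.
type NumericOrder struct{}

func (NumericOrder) Leq(a, b string) bool {
	x, errA := strconv.Atoi(a)
	y, errB := strconv.Atoi(b)
	return errA == nil && errB == nil && x <= y
}

// PartialOrder lists the "a is at most b" pairs explicitly (reflexivity implied).
type PartialOrder map[[2]string]bool

func (p PartialOrder) Leq(a, b string) bool { return a == b || p[[2]string{a, b}] }

// ConcreteProperty is an abstract property plus its class attributes; an
// Ontology gives, per abstract property, the order of each attribute domain.
type ConcreteProperty struct{ Property string; Attrs map[string]string }
type Ontology map[string]map[string]Order

// Satisfies reports whether the certified (offered) property meets the request:
// same abstract property, and every attribute the request names is stated in
// the certificate with a value at least as strong under that attribute's order.
// Attributes the request leaves out are unconstrained.
func (o Ontology) Satisfies(requested, offered ConcreteProperty) (bool, string) {
	if requested.Property != offered.Property {
		return false, "different abstract property"
	}
	for name, want := range requested.Attrs {
		have, present := offered.Attrs[name]
		order, known := o[requested.Property][name]
		switch {
		case !present:
			return false, "certificate does not state " + name
		case !known:
			return false, "ontology has no order for " + name
		case !order.Leq(want, have):
			return false, fmt.Sprintf("%s: offered %s, required at least %s", name, have, want)
		}
	}
	return true, ""
}

// Candidate pairs a discovered service with the property its certificate states;
// Select keeps the services whose certified property satisfies the request.
type Candidate struct{ Service string; Offered ConcreteProperty }

func (o Ontology) Select(requested ConcreteProperty, cands []Candidate) []string {
	var out []string
	for _, c := range cands {
		if ok, _ := o.Satisfies(requested, c.Offered); ok {
			out = append(out, c.Service)
		}
	}
	return out
}

// DemoOntology holds assumed orders for the slide's confidentiality example;
// they are illustrative, not an ontology defined by the project.
var DemoOntology = Ontology{"confidentiality": {
	"algorithm":  RankOrder{"DES", "3DES", "AES"},
	"key_length": NumericOrder{},
	"adversary":  PartialOrder{[2]string{"passive", "active"}: true}, // active covers passive
}}

// DemoSelect runs a constructed lookup: the request is AES, 128-bit keys and an
// adversary who can read the channel; only svc-a's certificate covers it.
func DemoSelect() []string {
	conf := func(a map[string]string) ConcreteProperty { return ConcreteProperty{"confidentiality", a} }
	req := conf(map[string]string{"algorithm": "AES", "key_length": "128", "adversary": "passive"})
	cands := []Candidate{
		{"svc-a", conf(map[string]string{"algorithm": "AES", "key_length": "256", "adversary": "active"})},
		{"svc-b", conf(map[string]string{"algorithm": "3DES", "key_length": "168", "adversary": "passive"})},
		{"svc-c", conf(map[string]string{"algorithm": "AES", "key_length": "128"})}, // adversary unstated
	}
	return DemoOntology.Select(req, cands)
}

func main() { fmt.Println(DemoSelect()) } // [svc-a]
```

`svc-b` is rejected because 3DES ranks below the requested AES even though its key is longer, and `svc-c` because its certificate does not state the adversarial model the request names: an attribute the certificate is silent about counts as unsatisfied, not as "anything goes". A caller such as a BPEL engine can run `Select` over the discovery results before binding, which is the "red line" replacement the slide describes.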
Outlook

Certified security from SOA to Cloud

● The distinction between SOAs and SaaS on clouds is
  increasingly blurred
● One of the core patterns for SaaS over SOA is "Service
  Virtualization", used by organizations to expose virtual
  services in front of their infrastructure.
   • These virtual services can take the form of lightweight REST APIs
     or heavyweight SOAP Web Services. Hybrids are also possible,
     e.g. exposing a REST service in front of a SOAP service and
     converting REST to SOAP dynamically.
Certified security from SOA to Cloud

● How does it work? Through on-the-fly WSDL redirection (as
  of WSDL 2.0, this applies to REST APIs as well as to SOAP).
   • The WSDL includes the address of the service provider host. When
     the gateway exposes a virtual service, it must replace this
     address with the address of the gateway.
   • FQDN endpoints will still work...
   • But exactly who are we talking to?
● A potential security nightmare (see later), but also a new
  research area: service virtualization security
Hard nut to crack: Cross-layering

● Service-level security mechanisms are assumed to be
  independent from channel- and protocol-level provisions
● BUT: virtualization will introduce a degree of cross-
  layering
   • E.g.: WSDL addresses served over SSL/TLS make the server
     certificate dependent on hostname changes: it must name the host
     the (rewritten) WSDL now points to.
● Typical cross-layered solution: use TLS Server Name Indication
  (SNI), so that the server dynamically selects the appropriate
  certificate (and private key) for the requested endpoint.
   • Introduces potential security concerns in the service endpoint-
     to-certificate matching: the client authenticates whatever host the
     rewritten address names, not necessarily the service it meant to use.
   • No service-level certificate will deal with this
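The endpoint-to-certificate matching concern, as an added example in Go (not project code): the WSDL rewrite the gateway performs, a table that stands in for SNI-based certificate selection on the server side, and the hostname check a consumer would make after the handshake. The host names `service.example.com` and `gateway.example.com` and the path `/ws/orders` are constructed, and the certificates are self-signed in memory for the example only.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net/url"
	"time"
)

// selfSigned mints an in-memory certificate for the given DNS names; it is
// example scaffolding, not production PKI.
func selfSigned(names ...string) *x509.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: names[0]},
		DNSNames:     names,
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert
}

// RewriteEndpoint is the gateway's WSDL redirection: the host in the service
// address is replaced by the gateway's host; everything else is kept.
func RewriteEndpoint(wsdlAddress, gatewayHost string) (string, error) {
	u, err := url.Parse(wsdlAddress)
	if err != nil {
		return "", err
	}
	u.Host = gatewayHost
	return u.String(), nil
}

// SNITable stands in for a TLS server that picks its certificate by the
// server_name the client sends (RFC 6066 Server Name Indication).
type SNITable map[string]*x509.Certificate

// EndpointIdentity connects (notionally) to the endpoint's host, lets SNI pick
// the certificate for that host, and checks whether that certificate also
// names expectedHost, the service the client believes it is talking to.
func EndpointIdentity(table SNITable, endpoint, expectedHost string) error {
	u, err := url.Parse(endpoint)
	if err != nil {
		return err
	}
	cert, ok := table[u.Hostname()]
	if !ok {
		return fmt.Errorf("no certificate configured for SNI name %q", u.Hostname())
	}
	return cert.VerifyHostname(expectedHost)
}

// Demo is the constructed case: a backend behind a gateway, before and after
// WSDL rewriting, and finally a gateway certificate that also claims the
// backend's name.
func Demo() (direct, viaGateway, gatewayClaimsBackend error) {
	const backend, gateway = "service.example.com", "gateway.example.com"
	original := "https://" + backend + "/ws/orders"
	rewritten, err := RewriteEndpoint(original, gateway)
	if err != nil {
		panic(err)
	}
	table := SNITable{backend: selfSigned(backend), gateway: selfSigned(gateway)}

	// Consumer uses the original WSDL address: the certificate names the backend.
	direct = EndpointIdentity(table, original, backend)
	// Same consumer and expectation, but the WSDL now points at the gateway:
	// SNI selects the gateway's certificate, which says nothing about the backend.
	viaGateway = EndpointIdentity(table, rewritten, backend)
	// The gateway can make the check pass simply by holding a certificate for
	// the backend's name too; the TLS identity no longer tells who the service is.
	table[gateway] = selfSigned(gateway, backend)
	gatewayClaimsBackend = EndpointIdentity(table, rewritten, backend)
	return direct, viaGateway, gatewayClaimsBackend
}

func main() {
	d, g, c := Demo()
	fmt.Println("direct:", d, "| via gateway:", g, "| gateway holds backend name:", c)
}
```

After the rewrite, the consumer's hostname check can only succeed against the gateway's identity, unless the gateway's certificate also carries the backend's name, in which case the handshake no longer distinguishes the virtual service from the real one. Either way, what the channel authenticated is a host, while the certified property is attached to a service; binding the two together is exactly what the slide says a service-level certificate alone cannot do.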

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

Assert4soa 2nd cluster meeting

1. You live in a certified house, you drive a certified car, why would you use an uncertified service?
Ernesto Damiani, Università degli Studi di Milano (ernesto.damiani@unimi.it)
• SAP
• Università degli Studi di Milano
• Engineering Ingegneria Informatica
• SIT - Fraunhofer Institute
• City University of London
• University of Malaga
• Fondazione Ugo Bordoni

2. Talk outline
● ASSERT4SOA in a nutshell
● Ongoing work, open problems, and (hopefully) some sharable ideas
● Next Exit: The Future
Doctoral School – Security Patterns for ITC Infrastructures, March-April 2011

3. Motivation (I)
● Emerging paradigms like Cloud and SaaS are reviving the notion of an open service ecosystem
   • Toward service virtualization: the invocation paradigm is no longer an issue; security and reliability are more of an issue than ever.
   • Toward service communities: no single open-to-all service registry, but several large ones managed by cloud providers and/or communities
● This ongoing evolution of SOA requires re-thinking testing and verification methodologies.
● Our two foundational ideas:
   • Make documentation of assurance available at run time to increase users' confidence and enable assurance-aware service composition
   • Sign such documentation. Certification can play a role in establishing a trust model suitable for service ecosystems

4. Modified Trust
● Modified trust model of software assurance documentation with certification

5. Motivation (II)
● Existing certification techniques and protocols are not suitable for services
   • Defined for traditional monolithic software components
   • Provide engineers in charge of software procurement with human-readable evidence signed by a trusted third party
● Service-oriented certification techniques and protocols
   • Require dynamic and machine-readable certificates
   • Should be integrated in run-time service selection and composition processes

6. ASSERT4SOA GOALS
● Produce novel techniques and tools for expressing, assessing and certifying security properties for complex service-oriented applications
● Integrate certification in the SOA lifecycle
● Extend SOA infrastructure for certificate-based selection and comparison of services
7. ASSERT4SOA Vision
[Architecture diagram, two panels: "Current Situation" and "ASSERT4SOA vision". Components: Service Consumer with Requested Assurance Properties, Certificate Administration Point, Certificate Decision Point, Service Discovery (ASSERT Aware), Service, Certifiers and Certification Schemes (CC, SAS70, SOA Specific), ASSERT Accredited Authority. Steps: 0. Deliver ASSERT, 1. Register, 2. Lookup, 3. Evaluate properties / Interact, 4. Interact. Legend: Existing Component, ASSERT Component, Digital World, Physical World.]
8. ASSERT4SOA Certification Classes
● Evidence-based certification provides evidence-based proofs that a test carried out on the software has given a certain result, which in turn shows (perhaps with a certain level of uncertainty) that a given property holds for that software
● Model-based certification provides formal proofs that an abstract model (e.g., a set of logic formulas, or a formal computational model such as a finite state automaton) representing a software system satisfies a given property
● Ontology-based certification provides a solution to issue an ASSERT4SOA certificate starting from the existing certificates of a given software product (e.g., Common Criteria)
9. ASSERT4SOA Certification Models
[Architecture diagram: Service Consumer with Requested Assurance Properties, ASSERT Accredited Authority, Certificate Administration Point, Certificate Decision Point, Service Discovery (ASSERT Aware), and Certificate Evaluation Points backed by an Evidence Reasoner and an Ontology Reasoner.]
10. Ongoing work, open problems and (hopefully) sharable ideas

11. What shall we certify?
● Security properties (a.k.a. generic security requirements) for the service under evaluation (e.g., Confidentiality, Integrity, Authenticity)
   • Maybe reliability and dependability
● Need a top ontology of such properties
   • Coordinated effort with Ed Fernandez's NSF project on reliability

12. Linking security properties to security mechanisms
● Problem 1: abstract security properties are mostly expressed as requirements at service (or container) design time
   • Links to service features and mechanisms are seldom specified
   • No SLA-style metadata for run-time negotiation of security or reliability features

13. Linking security properties to security mechanisms
• An idea: an ontology of concrete properties, i.e. abstract properties enriched with a set of "class attributes": test-generation or formal model of security mechanisms, adversarial model, etc.
• The domain of each attribute has a partial or total order relationship
• Example: confidentiality property on service requests/responses, with a DES algorithm and a key length of 128 bits; adversarial model: can read channel.
• Concrete properties are testable or verifiable at the service or container level.

14. Mapping property certificates to services
● Problem 2: security mechanisms are not in a one-to-one relationship with service endpoints
   • Current security standards are usually implemented at container level (e.g., Rampart)
   • Individual services may have their own implementations, used in addition or as an alternative to container-level mechanisms
   • BTW: services are not even in a one-to-one relationship with their endpoints (especially on the cloud, see later)
15. SOME SHARABLE IDEAS
● Testing and formal methods for certified WS security
   • With classic WS security standards and patterns as building blocks, develop assurance mechanisms supporting the certification of basic security properties for individual Web services and for service containers. Such assurance mechanisms can be based on (model-based) security testing and on formal methods.
● Run-time selection of secure services
   • Replacing the traditional "red line" between the caller (e.g., a BPEL engine) and the callee with a mechanism capable of checking customized assurance policies, we support different isolation and protection mechanisms.
   • Also, we select accountability and recovery mechanisms at run-time.
● Models and techniques for building end-to-end certified business processes
   • Generally speaking, security properties of individual services cannot be used to infer security properties of a composition they partake in. However, such inference can sometimes be drawn when the composition topology is known a priori (e.g., it is a simple orchestration).
   • We will investigate a set of domain-specific cases involving different components at different abstraction layers (ranging from a secure file system to financial information control), where it is possible to link everything together and use certified services to build end-to-end certified processes.

16. Architectural challenges
● WITHIN ASSERT4SOA
   • Extend the current SOA infrastructure with security certificates
   • Provide a mechanism for runtime certificate matching that evaluates whether the assurance level provided by a service's certificate is compatible with the client's preferences
● OTHER SHARABLE IDEAS
   • Use certificate matching to enforce customized assurance policies, e.g. supporting different isolation and protection mechanisms for processes.
   • Use certificate matching to select accountability and recovery mechanisms at run-time
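As an added example (not ASSERT4SOA code), the following Python sketches the runtime certificate matching of slide 16 over the concrete properties of slide 13: every class attribute gets an ordered domain, and a certified property covers a client's request only when it dominates it on each attribute. The attribute domains, their orderings and the client requests are assumptions constructed for the example; the certified property is the slide's own DES, 128-bit, can-read-channel example.

```python
from dataclasses import dataclass

# Assumed attribute domains. The deck only says each class attribute has a
# partial or total order; these concrete orderings are constructed for the example.
ALGORITHM_RANK = {"DES": 0, "3DES": 1, "AES": 2}           # total order on cipher strength
ADVERSARY_DOMINATES = {                                      # partial order on adversarial models
    "read channel": set(),
    "replay messages": set(),                                # incomparable with "read channel"
    "read and modify channel": {"read channel"},
}


@dataclass(frozen=True)
class ConcreteProperty:
    """An abstract property (e.g. confidentiality) enriched with class attributes."""
    name: str        # abstract security property
    scope: str       # what it covers, e.g. service requests/responses
    algorithm: str   # mechanism attribute (constructed domain above)
    key_bits: int    # mechanism attribute, ordered numerically
    adversary: str   # adversarial model attribute (constructed partial order above)


def dominates_algorithm(offered: str, requested: str) -> bool:
    return ALGORITHM_RANK[offered] >= ALGORITHM_RANK[requested]


def dominates_adversary(offered: str, requested: str) -> bool:
    # Equal, or the offered model is strictly stronger; incomparable models fail.
    return offered == requested or requested in ADVERSARY_DOMINATES[offered]


def satisfies(offered: ConcreteProperty, requested: ConcreteProperty) -> bool:
    """The certified property covers the request only if it dominates it on every attribute."""
    return (offered.name == requested.name
            and offered.scope == requested.scope
            and dominates_algorithm(offered.algorithm, requested.algorithm)
            and offered.key_bits >= requested.key_bits
            and dominates_adversary(offered.adversary, requested.adversary))


def match_certificate(certified: list, requested: list) -> dict:
    """Map each client-requested property to the first certified property satisfying it, or None."""
    return {req: next((c for c in certified if satisfies(c, req)), None) for req in requested}


# Constructed certificate content: the slide's own example as the certified property.
CERTIFIED = [ConcreteProperty("confidentiality", "requests/responses", "DES", 128, "read channel")]

# Constructed client preferences: one weaker request, one asking for a stronger cipher,
# and one whose adversarial model is incomparable with the certified one.
REQ_WEAKER = ConcreteProperty("confidentiality", "requests/responses", "DES", 64, "read channel")
REQ_STRONGER = ConcreteProperty("confidentiality", "requests/responses", "AES", 128, "read channel")
REQ_INCOMPARABLE = ConcreteProperty("confidentiality", "requests/responses", "DES", 128, "replay messages")
```

A request whose adversarial model is incomparable with the certified one is rejected rather than guessed at, which is the behaviour a partial order demands.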
17. Outlook
18. Certified security from SOA to Cloud
● The distinction between SOAs and SaaS on clouds is increasingly blurred
● One of the core patterns for SaaS over SOA is "Service Virtualization", used by organizations to expose virtual services in front of their infrastructure.
   • These virtual services can take the form of lightweight REST APIs or heavyweight SOAP Web Services. Hybrids are also possible, e.g. exposing a REST service in front of a SOAP service and converting REST to SOAP dynamically.

19. Certified security from SOA to Cloud
● How does it work? Use on-the-fly WSDL redirection (as of WSDL 2.0, this applies to REST APIs as well as SOAP).
   • The WSDL includes the address of the service provider host. When the Gateway exposes a virtual service, it must replace this address with the address of the Gateway.
   • FQDN endpoints will still work.
   • But exactly who are we talking to?
● A potential security nightmare (see later), but also a new research area: service virtualization security

20. Hard nut to crack: Cross-layering
● Service-level security mechanisms are assumed to be independent of channel- and protocol-level provisions
● BUT: virtualization will introduce a degree of cross-layering
   • E.g.: WSDL addresses using SSL make SSL certificates dependent on hostname changes.
● Typical cross-layered solution: use an SSL Server Name Identifier (SNI) that will dynamically use the appropriate SSL certificate (and private key) for the endpoint.
   • Introduces potential security concerns in the service-endpoint-to-certificate matching.
   • No service-level certificate will deal with this
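An added example, not ASSERT4SOA or any gateway product's code, for the WSDL redirection of slide 19 and the endpoint-to-certificate matching concern of slide 20: it rewrites the provider's soap:address to the gateway host and then checks whether the certificate the gateway would serve under that SNI server name actually covers it. The WSDL fragment, the gateway name and the SNI table are constructed.

```python
from urllib.parse import urlparse
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/wsdl/soap/"
ADDRESS_TAG = f"{{{SOAP_NS}}}address"

# Constructed provider WSDL (WSDL 1.1 soap:address, the element a gateway rewrites).
PROVIDER_WSDL = """<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
             xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <service name="QuoteService">
    <port name="QuotePort">
      <soap:address location="https://quotes.provider.example/ws/quote"/>
    </port>
  </service>
</definitions>"""

# Constructed gateway SNI table: server name requested by the caller -> DNS names
# in the subjectAltName of the certificate the gateway serves for it. The second
# entry is the slide's concern: the gateway name is served with the provider's cert.
SNI_TABLE = {
    "quotes.provider.example": ["quotes.provider.example"],
    "gw.cloud.example": ["quotes.provider.example"],
}

def endpoint_hosts(wsdl_text: str) -> list:
    """Hostnames of every soap:address location in the WSDL."""
    root = ET.fromstring(wsdl_text)
    return [urlparse(el.get("location")).hostname for el in root.iter(ADDRESS_TAG)]

def rewrite_to_gateway(wsdl_text: str, gateway_host: str) -> str:
    """On-the-fly WSDL redirection: point every soap:address at the gateway host."""
    root = ET.fromstring(wsdl_text)
    for el in root.iter(ADDRESS_TAG):
        url = urlparse(el.get("location"))
        el.set("location", url._replace(netloc=gateway_host).geturl())
    return ET.tostring(root, encoding="unicode")

def san_covers(san: str, host: str) -> bool:
    """A subjectAltName DNS entry matches host; a wildcard covers exactly one left-most label."""
    if san.startswith("*."):
        return host.split(".", 1)[1:] == [san[2:]]
    return san.lower() == host.lower()

def check_endpoint_certificates(wsdl_text: str, sni_table: dict) -> dict:
    """Per endpoint host: None if the certificate served under that SNI covers it, else the problem."""
    findings = {}
    for host in endpoint_hosts(wsdl_text):
        sans = sni_table.get(host)
        if sans is None:
            findings[host] = "no certificate configured for this server name"
        elif not any(san_covers(san, host) for san in sans):
            findings[host] = f"certificate for {host} only covers {sans}"
        else:
            findings[host] = None
    return findings
```

Running the check on the provider's WSDL passes, while the rewritten virtual WSDL flags the gateway host: the service-level certificate is untouched by the rewrite, which is exactly why it cannot catch this.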