WSTrust Specification - PowerPoint PPT Presentation

Provided by: anthony197
1
WS-Trust Specification
  • Overview
  • Juwel Rana

2
Agenda
  • Goals
  • Approach
  • Examples
  • Summary

3
Goals
  • Enable Web Applications to construct trusted
    message exchanges
  • Provide a flexible set of mechanisms that can be
    used to support a range of security protocols

4
What is a Web Service
  • A Web service is a software application
    identified by a URI, whose interfaces and binding
    are capable of being defined, described, and
    discovered by XML artifacts, and supports direct
    interactions with other software applications
    using XML-based messages via Internet-based
    protocols.
  • Three roles: a network component in a Web Services
    architecture can play one or more fundamental
    roles
      • Service Provider
      • Service Requester
      • Service Broker
  • Three operations: the three fundamental operations
    of Web Services are
      • Publish
      • Find
      • Bind
  • Google Calendar !!!!! <- A web service that we
    are using every moment.

5
SOAP Messaging
  • SOAP specifies a messaging framework (XML
    documents = SOAP messages) for Web Services
  • SOAP messages encapsulate information transmitted
    to and from a Web Service.
  • Example SOAP message containing a SOAP header
    block and a SOAP body:

    <env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
      <env:Header>
        <n:alertcontrol xmlns:n="http://example.org/alertcontrol">
          <n:priority>1</n:priority>
          <n:expires>2001-06-22T14:00:00-05:00</n:expires>
        </n:alertcontrol>
      </env:Header>
      <env:Body>
        <m:alert xmlns:m="http://example.org/alert">
          <m:msg>Pick up Mary at school at 2pm</m:msg>
        </m:alert>
      </env:Body>
    </env:Envelope>

6
What is a secure web service?
  • A secure web service is one in which the
    information sender trusts that the recipient of
    that information is really who it claims to be,
    and vice versa.
  • A secure web service is one in which the
    information can be received and accessed only by
    the intended recipient.

7
Secure, Reliable, Transacted Web Services
  • Service Composition: BPEL4WS
  • Composable Service Assurances: Security, Reliable
    Messaging, Transactions
  • Description: WSDL, UDDI
  • Messaging: XML-RPC, SOAP
  • Transports: HTTP, HTTPS, SMTP
From the joint IBM/MS Web Services whitepaper at
http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnwebsrv/html/wsoverview.asp

8
Web Service Security History
  • Submitted to OASIS September 2002
  • Interoperability testing began Summer 2003
  • OASIS Standard - April 2004
  • Core Specification, Username and X.509 Profiles
  • SAML Profiles OASIS Standard December 2004
  • Public Interoperability Demo April 2005
  • WSS 1.1 OASIS Standard February 2006
  • Includes Attachments and Kerberos profiles
  • Formal WSS 1.1 Errata approved November 2006
  • WS-Trust V1.3 (19 March 2007)

9
Web Services Security Stack (layers, top to bottom)
  • WS-Secure Conversation, WS-Federation,
    WS-Authorization
  • WS-Policy, WS-Trust, WS-Privacy
  • WS-Security
  • SOAP
  • Transport Layer (HTTP)
10
Web Services Security Specifications
  • WS-Security
      • Used to secure SOAP messages; how to protect the
        messages with digital signatures
  • WS-Policy
      • Specifies security requirements
  • WS-Trust
      • Used to obtain identity and access tokens
  • WS-SecureConversation
      • Used to create sessions for common communication
        paths
  • WS-Privacy
      • Describes privacy policy
  • WS-Authorization
      • Defines how to exchange authorization
        information among parties
  • WS-Federation
      • Used to broker identities across trust boundaries

11
WS-Security
  • Defines a standard set of SOAP extensions that
    enable applications to construct secure SOAP
    message exchanges
  • Enables implementation of credential exchange,
    message-level integrity and confidentiality

12
WS-Trust
  • WS-Trust defines protocols for
      • Security token creation, management and exchange
  • Specifically, WS-Trust builds upon WS-Security to
    provide
      • Methods for issuing and exchanging security
        tokens
      • Ways to establish and assess the presence of
        trust relationships
  • Defined using WSDL

13
Trust Model
  • Messages MAY be required to prove a set of
    claims (e.g., name, key, permission, capability,
    etc.).
  • Messages that lack the required proof of claims
    SHOULD be ignored or rejected.
  • The requester MAY contact an appropriate authority
    (a Security Token Service, STS), which may require
    its own set of claims.
  • Security token services form the basis of trust.
  • A challenge-response protocol MAY be required for
    freshness and proof-of-possession.

14
Trust Model Diagram
15
Security Token Issuance, Validation and Exchange
  • Requesting a Security Token
      • Basic elements for requesting specific token
        types
      • Scope Requirements
      • Key and Encryption Requirements
      • Delegation, Forwarding, and Proxy Requirements
      • Lifetime and Renewal Requirements
      • Policies
  • Returning Tokens
      • Basic element to determine the specific token
        type returned
      • Scope Requirements
      • Key and Encryption Requirements

16
Request Example
  • Request Header
      • Defines the type of security token requested
      • The action that is being requested
      • References tokens that are used to validate the
        authenticity of a request
      • References the supporting tokens used to
        authorize the request

    <RequestSecurityToken>
      <TokenType>...</TokenType>
      <RequestType>...</RequestType>
      <Base>...</Base>
      <Supporting>...</Supporting>
    </RequestSecurityToken>
17
Response Example
  • Response Header
      • Defines the type of security token requested
      • Specifies the type of key used in the token
      • Specifies the size of the key returned
      • Specifies the scope to which this security token
        applies
      • Requested security token
      • Proof-of-possession token

    <RequestSecurityTokenResponse>
      <TokenType>...</TokenType>
      <KeyType>...</KeyType>
      <KeySize>...</KeySize>
      <wsp:AppliesTo>...</wsp:AppliesTo>
      <RequestedSecurityToken>...</RequestedSecurityToken>
      <RequestedProofToken>...</RequestedProofToken>
    </RequestSecurityTokenResponse>
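The request and response shapes of slides 16 and 17, worked as a Python example added here (it is not from the deck or from any WS-Trust implementation). It uses the WS-Trust 1.3 namespace and the SAML 2.0 token-type URI; the STS reply is constructed, and the check shows why a requester compares the returned TokenType, KeyType, KeySize and AppliesTo with what it asked for before relying on the token.

```python
import xml.etree.ElementTree as ET

WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"   # WS-Trust 1.3
WSP = "http://schemas.xmlsoap.org/ws/2004/09/policy"       # wsp:AppliesTo
WSA = "http://www.w3.org/2005/08/addressing"               # EndpointReference
ISSUE = WST + "/Issue"             # RequestType: ask the STS to issue a token
SYMMETRIC = WST + "/SymmetricKey"  # KeyType: a symmetric proof key is returned
SAML2 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
NS = {"wst": WST, "wsp": WSP, "wsa": WSA}

def build_rst(token_type, applies_to, key_size):
    """Serialise the Issue request of slide 16, scoped to applies_to (slide 15)."""
    rst = ET.Element(f"{{{WST}}}RequestSecurityToken")
    ET.SubElement(rst, f"{{{WST}}}TokenType").text = token_type
    ET.SubElement(rst, f"{{{WST}}}RequestType").text = ISSUE
    scope = ET.SubElement(rst, f"{{{WSP}}}AppliesTo")
    epr = ET.SubElement(scope, f"{{{WSA}}}EndpointReference")
    ET.SubElement(epr, f"{{{WSA}}}Address").text = applies_to
    ET.SubElement(rst, f"{{{WST}}}KeyType").text = SYMMETRIC
    ET.SubElement(rst, f"{{{WST}}}KeySize").text = str(key_size)
    return ET.tostring(rst, encoding="unicode")

def check_rstr(rstr_xml, token_type, applies_to, key_size):
    """Mismatches between the slide 17 response and the request; non-empty means reject."""
    rstr = ET.fromstring(rstr_xml)
    def text(path):
        node = rstr.find(path, NS)
        return node.text.strip() if node is not None and node.text else None
    expected = {"wst:TokenType": token_type, "wst:KeyType": SYMMETRIC,
                "wst:KeySize": str(key_size),
                "wsp:AppliesTo/wsa:EndpointReference/wsa:Address": applies_to}
    problems = [f"{path} is {text(path)!r}, expected {want!r}"
                for path, want in expected.items() if text(path) != want]
    for required in ("wst:RequestedSecurityToken", "wst:RequestedProofToken"):
        if rstr.find(required, NS) is None:
            problems.append(f"{required} missing")
    return problems

def sample_rstr(key_size, address="https://calendar.example.org/"):
    """Constructed STS reply for demonstration only; not a real STS message."""
    return f"""<t:RequestSecurityTokenResponse xmlns:t="{WST}" xmlns:wsp="{WSP}" xmlns:wsa="{WSA}">
  <t:TokenType>{SAML2}</t:TokenType>
  <t:KeyType>{SYMMETRIC}</t:KeyType>
  <t:KeySize>{key_size}</t:KeySize>
  <wsp:AppliesTo><wsa:EndpointReference><wsa:Address>{address}</wsa:Address>
  </wsa:EndpointReference></wsp:AppliesTo>
  <t:RequestedSecurityToken>(constructed token)</t:RequestedSecurityToken>
  <t:RequestedProofToken>(constructed proof key)</t:RequestedProofToken>
</t:RequestSecurityTokenResponse>"""
```

A real requester would also verify the signature over the token and bind the proof key to the session; the comparison above is only the first gate.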
18
Challenges
  • Describes how challenges are issued and responded
    to within the trust framework
  • Basic elements for signing parts of the challenge
    request and response
      • Part of a SecurityTokenResponse element
  • BinaryNegotiation element
      • For exchange of binary blobs as part of an
        existing negotiation protocol

19
Challenge Protocol
20
Management of Trust Models
  • Fixed trust roots: a simple fixed set of trust
    relationships between requestor and recipient.
  • Trust hierarchies: builds on fixed trust roots
    but allows hierarchies of trust between requestor
    and recipient.
  • Authentication service: essentially a fixed
    trust root where the recipient only trusts the
    authentication service.

21
Models for Trust Assessment
  • Two methods of assessing the presence of a trust
    relationship
      • In-band
          • As part of a message flow
      • Out-of-band
          • Trusted Entity

22
Password-Based Key Derivation
  • Username/password based authentication
  • Multiple key derivation algorithms supported
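Slide 22 names key derivation without showing an algorithm. The derivation WS-Trust 1.3 itself specifies for the proof-of-possession key of slide 17, when requester and issuer both contribute entropy, is key = P_SHA1(EntREQ, EntRES) truncated to KeySize bits (ComputedKey algorithm .../CK/PSHA1). This is an added example, not material from the deck; the entropy values are constructed.

```python
import hmac
import hashlib

# ComputedKey algorithm URI that WS-Trust 1.3 assigns to this derivation.
PSHA1 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1"

def hmac_sha1(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha1).digest()

def p_sha1(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0 P_SHA1 expansion (RFC 2246, section 5):
    A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    truncated to `length` octets."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac_sha1(secret, a)
        out += hmac_sha1(secret, a + seed)
    return out[:length]

def computed_key(requester_entropy: bytes, issuer_entropy: bytes, key_size_bits: int) -> bytes:
    """WS-Trust computed key: P_SHA1(EntREQ, EntRES) cut to the requested KeySize.
    The requester's entropy is the HMAC secret, the issuer's entropy is the seed,
    so neither party alone chooses the resulting proof key."""
    if key_size_bits <= 0 or key_size_bits % 8:
        raise ValueError("KeySize must be a positive whole number of octets")
    return p_sha1(requester_entropy, issuer_entropy, key_size_bits // 8)

# Constructed entropies for illustration only; a real exchange carries fresh
# random values from each side in the wst:Entropy elements.
REQ_ENTROPY = bytes(range(16))
RES_ENTROPY = bytes(range(16, 32))
```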

23
Summary
  • Using these extensions, applications can engage
    in secure communication designed to work with
      • the general Web Services framework, including
        WSDL
      • UDDI businessServices
      • SOAP messages

24
References
  • WS-Trust Specification V1.3
  • Lecture Notes of the Web Languages Course of Prof.
    Fabio Casati
  • Lecture Notes of the Web Services Course of Prof.
    Mihhail Matskin
  • http://www.oasis-open.org/home/index.php
  • Steve Graham, Doug Davis, Simeon Simeonov, Glen
    Daniels, Peter Brittenham, Yuichi Nakamura, Paul
    Fremantle, Dieter König, Claudia Zentner, Building
    Web Services with Java, Second Edition, Sams
    Publishing.
  • James Snell, Doug Tidwell, Pavel Kulchenko,
    Programming Web Services with SOAP, 1st edition,
    O'Reilly.

25
Questions?
26
Thanks