Building Blocks - Security

What is amazing is that, with this model, for the first time users have an approach that allows integration of Kerberos, X.509/PKI, and other security models. Building up from WS-Security are the following composable building blocks:

• WS-Policy—Defines how to express capabilities and constraints of security policy. (This topic was covered in Chapter 8 but is summarized here.)

• WS-Trust—Describes the model for establishing both direct and brokered trust relationships, including intermediaries.

• WS-Privacy—Enables users to state privacy preferences and Web services to state and implement privacy practices.

• WS-SecureConversation—Describes how to manage and authenticate message exchanges between parties, including exchanging security contexts and establishing and deriving session keys.

• WS-Federation—Describes how to manage and broker the trust relationships in a heterogeneous federated environment, including support for federated identities.

• WS-Authorization—Defines how Web services manage authorization data and policies.

---

Note - The purpose of describing all these "standards" here, even when some of them are as yet unpublished, is two-fold. First, we hope our introduction to these evolving specifications will help you avoid re-inventing the wheel on an area you need for your Web services to be successful. Second, our goal is to let you know that significant work is being done on these standards, and progress is rapid. Consequently, if these standards are important to you, you will be able to find some useful guidance by scouring the Web and the standards bodies' repositories.

---

WS-Security and the layers above it support what could be called the triangle of distributed message-based security that is composed of trust, interoperability, and integration. The triangle of WS-Security specifications is shown in Figure 9.2.

Figure 9.2  The WS-* Security triangle of trust,
integration, and interoperability.

The first point of the security triangle is trust. Trust, of course, is fundamental to security. No trust, no security. In a Web services world, trust is very complex. Trust is represented in relationships; it can be explicitly established, or it may be presumed. Assertions are used to represent trust and trust relationships. WS-Trust is the WS-* security standard building block focused on trust relationships. The other trust-related standard in this point of the security triangle is WS-Privacy. WS-Privacy specifies the rules that must be followed when an entity trusts a service with its self-descriptive (that is, personally identifiable) data.

The second point of the security triangle is interoperability. You can think of interoperability in terms of communication standards that allow distinct systems to cooperate. This capability is especially important when those communications are secured. Secure communications adhere to several different protocols, so interoperable secure communications must be able to map one protocol to another. Besides WS-Security itself, the two other WS-* security family standards that relate to interoperability are WS-Policy and WS-SecureConversation.

The third point of the security triangle is integration. Web services' primary raison d'etre is for application and organizational integration. Integration involves one system that previously did not communicate with another extending its architecture to be able to do so. It means that existing services are reused for new purposes. This necessarily means that identities and the trust model under which they operate need to interoperate and do so across heterogeneous environments. An important issue this raises is federation. Federation is the agreement among a group of entities that they will share identities as well as the attributes of those identities with other members of their group. Two of the WS-* family of standards relate to integration: WS-Federation and WS-Authorization.