A Conceptual Technique for Modelling Security as a Service in Service Oriented Distributed Systems

Transcription

1 Volume 1, Number 2, December 2014 JOURNAL OF COMPUTER SCIENCE AND SOFTWARE APPLICATION A Conceptual Technique for Modelling Security as a Service in Service Oriented Distributed Systems Satish Kumar*, Avadhesh Kumar Gupta Institute of Management Studies, Ghaziabad, Uttar Pradesh, India. *Corresponding author: [email protected] Abstract: Service-Oriented Architecture (SOA) is an architectural paradigm for developing distributed systems. One of the major challenge in the designing of SOA is developing its security requirements. SOA security is an overarching concern because it affects discovery and interaction of services and applications in an SOA environment. In recent years, a lot of solutions have been implemented such as Web Service Security (WS-Security), WS Trust and Web Service Security Policy (WS-Security Policy) standards. These standards are not sufficient for the promising enterprise system security. In this paper, we proposed a security model for SOA that constitute the foundation for our Security As A service (SAAS) approach. Based on the model for service interaction that describes exchange of secured messaging in distributed environment. Keywords: Service-Oriented Architecture; Security As A Service; WS-Trust; Web Services 1. INTRODUCTION Service-Oriented Architecture (SOA) has become a popular architecture pattern in enterprise application development. Due to the emergence of web services that are implemented by SOA is a solution of enterprise application development due to platform and language independent. SOA based application is a combination of services and these services could be implemented in different technologies and are deployed over heterogeneous networks [1]. In distributed environment, security is a critical issue for enterprise systems and it is necessary to ensure security in SOA based application. When the advance of Web services technologies have been used increasingly, the next issue which should be concerned is security for the information or message transferred across the network. There are several approaches for implement the security in SOA based application. In traditional security approaches make the impact of performance and high cost maintenance of application [2]. Another approach has come up with the solution of these problem is called Security As A Service (SAAS). For example: In traditional security approaches, application has built with few services and each service implemented its with own security which is invoked as a part of service consumer and provider as depicts in Figure 1. When enterprise needs to secure large number of services. The traditional security approach is not right way of security implementation due to replication of security enforcement machinery across all 1

2 Figure 1. Security implementation as part of each services service consumer. services and service consumers [2]. Worse still, if security requirements differ for each application then the security machinery of each security will check similar security leading to high maintenance cost. Security as service depicts in Figure 2 is a solution over traditional approach for building secure large number of services. This approach explores a way of shifting some of the security enforcement burden from service consumer and service to a shared security service. A shared service helps to enforce security polices consistently across all services. This approach is not completely suitable from the performance point of view. For example, suppose several service consumers want to access the service at the same time, the security credentials will be checked at the server side and take more time for validation. 2. RELATED WORK The well-known standard for security requirements of web services are integrity, confidentiality and availability. There are various techniques to tackle these three security aspects such as using XML Signature or digital signature in XML format to ensure the data integrity, using XML Encryption to provide confidentiality while a message is in transit over the network [3]. WS-Reliable Messaging Protocol to guarantee that a message transited in the network layer has been received by receiver [4]. Although, there are various standards for Web services security but perhaps the most important standard is WS-Trust, because it is used for identifying trust relationship by using concept of Security token services (STS) as well as WS-Policy. WS-Secure Conversation is designed to deal with tokens of message exchange in a short period of time whereas WS-Federation is designed for managing trust relationships in different types of system. The last one is WS-Authorization designed to support authorization mechanism for data transferred between applications. SOAP message security is one of the most vital concerns for security in Web services as a result of various types of attacks such as replay attack, man-in-the middle attack and token substitution attack which can break down message confidentiality and integrity [5]. So WS-Security is a security standard to deal with those problems by using XML Encryption and XML 2

3 A Conceptual Technique for Modelling Security as a Service in Service Oriented Distributed Systems Figure 2. Security implementation as a separate service. Signature to protect confidentiality and integrity respectively. Furthermore, WS-Security supports security token which is commonly used to provide authentication and authorization. According to Zhang [6], there are several techniques for token-based authentication namely username, X.509 PKI certificates, Kerberos tickets, Security Assertions Markup Language (SAML) and Web Services Security Rights Expression Language (REL) or known as XML Rights Management Language (XrML) [3]. They can be categorized into three types which are unsigned security token namely username token profile, signed security token namely X.509 certificates and Kerberos tickets, XML security token namely SAML and XrM [7, 8]. The different between Kerberos tickets and X.509 certificates is encryption algorithm, the former uses symmetric encryption algorithm whereas the latter uses public key encryption [9]. According to Nordbotten [3], username token can prevent replay attacks by including nonce and timestamp in the message (this method can use in every security token mechanisms), Fournet and Gordon [10] shows that username token is not a strong authentication enough to prevent from attackers. However, they suggest solution that it may be stronger if XML digital signature is added in conjunction with username token. There are some research papers about performance comparison of Kerberos and X.509 token profile illustrated that transfer rate of Kerberos token profile is far outweigh X.509 token profile by 28% due to different type of cryptographic algorithm [9]. However, there is some threat engage to Kerberos token profile which is Kerberos is prone to key re-use. REL/XrML is different from SAML because it is based on license as a security token, used for providing key to authorization in the message. On the other hand, because of its format is in XML format so that it is similar to SAML, Nordbotten [3] suggested that using SAML rather than using REL/XrML due to the fact that SAML is more broadly accepted by many Web services applications. Potential threats of SAML and REL/XrML are same as other security token formats and can protect by using signature and encryption technique. 3

4 Figure 3. Security implementation as a separate service on ESB. 3. STANDARDS FOR IMPLEMENTING SECURITY AS A SERVICE A number of standards and technologies are available for implementing security as a service. Some of them are: WS-Trust: WS-Trust defines a standard interface for obtaining/issuing, renewing, cancelling, and validating security tokens such as SAML assertions. Specifically, a security token service (STS) is defined, providing these mechanisms as web services [11, 12]. So, after discovering what security token is required, the service consumer may use WS-Trust in order to obtain required token from an STS. Security Assertion Markup Language (SAML): SAML is used to exchange the security information among different security domain [13]. SAML provides two services such as authentication and authorization services. Based on SAML protocol, authentication service creates request and response which are used by Security Token Service (STS) for validating the user. WS-Addressing: Standardize SOAP specification explicitly supports the use of one or more intermediaries (such as secure services) in message path by laying down specific rule for preventing destination endpoint information when routing a message via the security service [7]. 4. NEW APPROACH FOR MODELLING SECURITY AS A SERVICE (SAAS) Security As A Service (SAAS) approach is a better choice to solve SOA security based on the concept of shared services. Security services are effectively and correctly implemented and also scaled locally outside the system or as a domain wide service [2, 14]. We proposed a new way of implementing the security by using SAAS approach shown in Figure 3. In this way, SAAS approach is implemented on the Enterprise Service Bus (ESB). An ESB has the ability to implement the shared security and improve the performance of application. On ESB, security credentials are validating during the transmission of data or request from the service consumer to service. The time will be reduced for processing the request due to security validation has validated on ESB and the overall performance of the system will be increased. 4

5 A Conceptual Technique for Modelling Security as a Service in Service Oriented Distributed Systems Figure 4. Shared security service architecture in a domain. 4.1 Proposed model for SAAS implementation The proposed architecture of SAAS approach is based on concept of shared security service implemented in University System as depicts in Figure 4. The higher part of this architecture shows the University System, which contain various service endpoints. The lover part shows SAAS components and security interfaces. The global request and response handlers are integrated with service endpoints. These handlers interrupt the incoming and outgoing message to or from a service endpoint and provide primitive security. Proposed SAAS based architecture approach breaks the security tasks into SAAS Component and service endpoint security architecture. Endpoint integrated security perform security task such as encryption/decryption, validation and key exchange by using Security Proxy Handler [14, 15]. SAAS components are the core which are deployed by security domain that provides shared security to all service endpoints in this domain. Policy Repository contains policies for different security requirements such as authentication, authorization etc. Authentication Service: Authentication Service provides user authentication inside or outside the domain. Authentication Services validate the user identity and send the signed authentication decision to endpoint. At the endpoint, SPH validates the signature before forwarding the authentication decision to intended services. Authorization Service: Authorization Service is used to verify the permission assigned to user from the policy repository. Authorization Service sends the authorization assertion to endpoint. At the endpoint, SPH validates the signature and then permits to valid user. Monitoring Service: Monitoring Service is responsible to handle the events which are generated by endpoint or security service of SAAS components. Logging Service: Logging Service registers the service request and response messages for access the information or resources from the system. 5

6 5. CONCLUSION In this paper, we presented an approach for implement the security in SOA based distributed systems. Our approach is based on Security As A Service (SAAS) concept that gives an idea for implements the separate security as service which reduced the burden of consumer services and providers. This approach needs more research for increasing message reliability and privacy of information in distributed system. References [1] M. H. Valipour, B. AmirZafari, K. N. Maleki, and N. Daneshpour, A brief survey of software architecture concepts and service oriented architecture, in Computer Science and Information Technology, ICCSIT nd IEEE International Conference on, pp , IEEE, [2] R. Kanneganti and P. Chodavarapu, SOA Security [3] N. A. Nordbotten, XML and Web services security standards, Communications Surveys & Tutorials, IEEE, vol. 11, no. 3, pp. 4 21, [4] C. Geuer-Pollmann and J. Claessens, Web services and web service security standards, Information Security Technical Report, vol. 10, no. 1, pp , [5] E. Bertino, L. Martino, F. Paci, and A. Squicciarini, Security for web services and service-oriented architectures. Springer, [6] W. Zhang, Integrated security framework for secure web services, in 2010 Third International Symposium on Intelligent Information Technology and Security Informatics, pp , [7] A. Nadalin, C. Kaler, R. Monzillo, and P. Hallam-Baker, Web services security: SOAP message security 1.1 (WS-Security 2004), 1-spec-errata-os-SOAPMessageSecurity.pdf. [8] Z. Wu and A. C. Weaver, Using web services to exchange security tokens for federated trust management, in Web Services, ICWS IEEE International Conference on, pp , IEEE, [9] A. Moralis, V. Pouli, M. Grammatikou, S. Papavassiliou, and V. Maglaris, Performance comparison of Web services security: Kerberos token profile against X. 509 token profile, in Networking and Services, ICNS. Third International Conference on, pp , IEEE, [10] K. Bhargavan, C. Fournet, and A. D. Gordon, A semantics for web services authentication, Theoretical Computer Science, vol. 340, no. 1, pp , [11] OASIS:WS-SecurityPolicy,tutorial. [12] A. Nadalin, M. Goodner, M. Gudgin, A. Barbir, and H. Granqvist, Web services security policy language 1.2, Public Draft Specification, [13] OASIS security assertion markup language (SAML). [14] M. Memon, M. Hafner, and R. Breu, SECTISSIMO: Security As A Service- A Reference Architecture for SOA Security, in ICT-FET , FWF project, [15] A. Dikanski, C. Emig, and S. Abeck, Integration of a security product in service-oriented architecture, in Emerging Security Information, Systems and Technologies, SECURWARE 09. Third International Conference on, pp. 1 7, IEEE,