User Management Interfaces for Earth Observation Services Abstract Test Suite



Similar documents
Web Services. Web Service Security. Copyright 2010 Davide Cerri & Srdjan Komazec

Secure Authentication and Session. State Management for Web Services

<Insert Picture Here> Oracle Web Services Manager (WSM)

CICS Web Service Security. Anthony Papageorgiou IBM CICS Development March 13, 2012 Session: 10282

WEB SERVICES SECURITY

OIO SAML Profile for Identity Tokens

Single Sign-On Implementation Guide

SAML Implementation Guidelines

WebService Security. A guide to set up highly secured client-server communications using WS-Security extensions to the SOAP protocol

How To Use Saml 2.0 Single Sign On With Qualysguard

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

Interoperable Provisioning in a Distributed World

CA Nimsoft Service Desk

Presented By: Muhammad Afzal 08May, 2009

This Working Paper provides an introduction to the web services security standards.

Securing Web Services From Encryption to a Web Service Security Infrastructure

CS 356 Lecture 28 Internet Authentication. Spring 2013

OIOIDWS for Healthcare Token Profile for Authentication Tokens

Single Sign-On Implementation Guide

e-filing Secure Web Service User Manual

Identity Assurance Hub Service SAML 2.0 Profile v1.2a

Single Sign-On Implementation Guide

Mobile Security. Policies, Standards, Frameworks, Guidelines

02267: Software Development of Web Services

HMA AWG Meeting Proposal for a Security Token Service September 2009 Marko Reiprecht con terra GmbH, Germany

Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...

Single Sign-On Implementation Guide

Creating a Secure Web Service In Informatica Data Services

vcommander will use SSL and session-based authentication to secure REST web services.

OAuth 2.0 Developers Guide. Ping Identity, Inc th Street, Suite 100, Denver, CO

IAM Application Integration Guide

Agenda. How to configure

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

PowerCenter Real-Time Development

Webmail Using the Hush Encryption Engine

Core Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems

igovt logon service Context Mapping Service (icms) Messaging Specification Release 9.6

GS1 Trade Sync Connectivity guide

Technik und Informatik. SOAP Security. Prof. Dr. Eric Dubuis Berner Fachhochschule Biel. Version April 11, 2012

The increasing popularity of mobile devices is rapidly changing how and where we

Web Based Single Sign-On and Access Control

NEMA Standards Publication PS 3 Supplement 41. Digital Imaging and Communications in Medicine (DICOM) Digital Signatures

STUDY ON IMPROVING WEB SECURITY USING SAML TOKEN

Lecture Notes for Advanced Web Security 2015

T0 Federation Scaling through self service. September, Heath Marks, Manager AAF.

Den Gode Webservice - Security Analysis

Security Yokogawa Users Group Conference & Exhibition Copyright Yokogawa Electric Corporation Sept. 9-11, 2014 Houston, TX - 1 -

ADFS Integration Guidelines

Cisco AnyConnect Secure Mobility Client VPN User Messages, Release 3.1

A Signing Proxy for Web Services Security. Dr. Ingo Melzer RIC/ED

e-gov Architecture Architectural Blueprint

SAML-Based SSO Solution

Implementation Guide SAP NetWeaver Identity Management Identity Provider

AD Image Encryption. Format Version 1.2

OPENID AUTHENTICATION SECURITY

Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014

IBM WebSphere Data Power SOA Applicances V3.8.1 Solution IMP. Version: Demo. Page <<1/10>>

MiGS Virtual Payment Client Integration Guide. July 2011 Software version: MR 27

WebLogic Server 7.0 Single Sign-On: An Overview

TIB 2.0 Administration Functions Overview

Apigee Gateway Specifications

SAML and OAUTH comparison

OpenLogin: PTA, SAML, and OAuth/OpenID

Is your data safe out there? -A white Paper on Online Security

SSO Eurécia. and external Applications. Purpose

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Test Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0

Microsoft Office 365 Using SAML Integration Guide

EHR OAuth 2.0 Security

Xerox DocuShare Security Features. Security White Paper

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1

SCAS: AN IMPROVED SINGLE SIGN-ON MODEL BASE ON CAS

IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>>

Efficiency of the Single Sign On mechanism in a tactical network environment

Copyright: WhosOnLocation Limited

Security Policy Revision Date: 23 April 2009

October 2014 Issue No: 2.0. Good Practice Guide No. 44 Authentication and Credentials for use with HMG Online Services

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

Canadian Access Federation: Trust Assertion Document (TAD)

Setup Guide Access Manager Appliance 3.2 SP3

Get Success in Passing Your Certification Exam at first attempt!

Security Assertion Markup Language (SAML)

ATWD XML Web Service Handbook

Monitoring the BlackBerry Enterprise Server

Web Services Security with SOAP Security Proxies

Criteria for web application security check. Version

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

Custom Encryption in Siebel & Siebel Web Service Security Test Guide 1.0

Secure Network Communications FIPS Non Proprietary Security Policy

This Annex uses the definitions set out in the Agreement on service of payment cards on the Internet (hereinafter the Agreement).

Easy CramBible Lab DEMO ONLY VERSION Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0

JVA-122. Secure Java Web Development

WebNow Single Sign-On Solutions

AAF boost. AAF boost 2014 report for AAF EXAMPLE ORGANISATION

Salesforce1 Mobile Security Guide

SAML Single-Sign-On (SSO)

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES

OpenADR 2.0 Security. Jim Zuber, CTO QualityLogic, Inc.

Transcription:

User Management Interfaces for Earth Observation Services Abstract Test Suite Primary Author Andrew Woolf, STFC Rutherford Appleton Laboratory Revision history Version Contributors Date Changes 0.1 Andrew Woolf 2009-01-31 First draft ATS for 07-118r1 Overview The OGC specification 07-118r1 (User Management Interfaces for Earth Observation Services) specifies how EO protocol definitions (e.g. catalogue, ordering, programming) may be supplemented with user and identitiy management information. It describes how existing specifications (WS-Security, SOAP) may be used to implement authentication and authorisation for EO services. This document specifies an Abstract Test Suite for the User Management Interfaces. References [ISO 19105] ISO 19105:2000, Geographic information Conformance and testing [07-118r1] OGC 07-118r1, User Management Interfaces for Earth Observation Services [HMAT-TN-0001-IGN] IGN, HMA-T Phase 2 Testing Policy Contents Overview... 1 References... 1 Annex A: Abstract Test Suite (normative)... 3 A.1 Conformance Test Class : The Core... 3 A.1.1 Authentication: Federating Entity is request-designated IdP... 3 A.1.2 Authentication: External entity is request-designated IdP... 3 A.1.3 Authentication: No request-designated IdP but Federating entity is resolved as IdP... 3 A.1.4 Authentication: No request-designated IdP but External entity is resolved as IdP... 4 A.1.5 Authentication: Test module for WS-Security... 4 A.1.5.1 WS-Security: Encryption... 4 A.1.5.2 WS-Security: Digital signature... 4 A.1.5.3 WS-Security: SAML profile... 5 A.1.6 Authentication: Failed authentication request... 5 A.1.7 Authorisation: Synchronous response... 5 A.1.8 Authorisation: Asynchronous response... 6 A.1.9 Authorisation: Test module for failed authorisation requests... 6 A.1.9.1 Authorisation: Failed authorisation request (SAML token not supplied)... 6 A.1.9.2 Authorisation: Failed authorisation request (invalid SAML token)... 6 A.1.9.3 Authorisation: Failed authorisation request (expired SAML token)... 7

A.1.9.4 Authorisation: Failed authorisation request (not authorised to use service)... 7 A.1.9.5 Authorisation: Failed authorisation request (specific request not authorised)... 7 Annex B: Executable Test Suite (normative)... 9

Annex A: ABSTRACT TEST SUITE (NORMATIVE) A.1 Conformance Test Class : The Core A.1.1 Authentication: Federating Entity is request-designated IdP The authentication request contains an identifier for the federating entity authentication service. a) Test Purpose: For authentication purposes, the Identity provider (IdP) role may be fulfilled by the entity receiving the service request (the federating entity ). The request must include an identifier indicating this. This test verifies that such a request authenticates successfully. recognised and validated by the Federating Entity authentication service, and receive in return a SAML token encrypted and signed by the Federating Entity. c) Reference: OGC 07-118r1, clause 6.4.3.1 A.1.2 Authentication: External entity is request-designated IdP The authentication request contains an identifier for the external entity authentication service. a) Test Purpose: For authentication purposes, the Identity provider (IdP) role may be fulfilled by a named entity external to the Federating Entity. This test verifies that such a request authenticates successfully. recognised and validated by a specified External Entity separate from the federating IdP, and receive in return a SAML token encrypted and signed by the Federating Entity. c) Reference: OGC 07-118r1, clause 6.4.3.2 A.1.3 Authentication: No request-designated IdP but Federating entity is resolved as IdP In this use case there is no IdP specified in the authentication request. The authentication service resolves the IdP from the part profile stored in the local user registry which in this case contains an identifier for the local federating entity authentication service. a) Test Purpose: For authentication purposes, the Identity provider (IdP) role may be fulfilled by the Federating Entity, even though not specified explicitly in the request. This test verifies that such a request authenticates successfully. recognised and validated by the local Federating Entity authentication service even though not specified explicitly and receive in return a SAML token encrypted and signed by the same Federating Entity.

c) Reference: OGC 07-118r1, clause 6.4.3.3 A.1.4 Authentication: No request-designated IdP but External entity is resolved as IdP In this use case there is no IdP given in the authentication request. The authentication service resolves the IdP from the part profile stored in the local user registry which in this case contains an identifier for an external entity authentication service. a) Test Purpose: For authentication purposes, the Identity provider (IdP) role may be fulfilled by an external entity, even though not specified explicitly in the request. This test verifies that such a request authenticates successfully. recognised and validated by an External Entity unspecified in the request separate from the federating authentication service and receive in return a SAML token encrypted and signed by the Federating Entity. The External Entity is resolved through a lookup on the local user registry. c) Reference: OGC 07-118r1, clause 6.4.3.4 A.1.5 Authentication: Test module for WS-Security The security model is based on the WS-Security SAML token profile. An authentication request contains the name and password identifying the user plus an optional definition of the designated identity provider. User credentials are sent in SOAP over an encrypted channel i.e. HTTPS. An encrypted and signed SAML token is returned in the WS-Security element of SOAP header and returned over SOAP over HTTPS. The client is able to verify the signature but is unable to decrypt (and therefore modify) the content. A.1.5.1 WS-Security: Encryption Encryption and decryption of the SAML token is performed by the authentication service during an authentication request and response. It is performed by the Policy Enforcement Point during the authorization request and response. The encryption algorithm proposed is AES-128. a) Test Purpose: Verification of correct encryption by Federating Entity. b) Test Method: For the purpose of this test, the conformance test environment has a copy of the Federating Entity private key, as well as its public key. Send an authentication request with credentials (username and password) that are recognised and validated by the Federating Entity authentication service, and receive in return a SAML token encrypted and signed by the Federating Entity. Verify encryption using the Federating Entity private key. c) Reference: OGC 07-118r1, clause 6.4.6.1 A.1.5.2 WS-Security: Digital signature The secure hash SHA-1 digital signature message digest algorithm is proposed.

a) Test Purpose: Verification of correct digital signature by Federating Entity. recognised and validated by the Federating Entity authentication service, and receive in return a SAML token encrypted and signed by the Federating Entity. Verify digital signature using Federating Entity public key. c) Reference: OGC 07-118r1, clause 6.4.6.2 A.1.5.3 WS-Security: SAML profile A SAML assertion is a package of information that supplies one or more statements made by a SAML authority. Authentication: The specified subject was authenticated by a particular means at a particular time. A typical authentication statement asserts Subject S authenticated at time t using authentication method m. Attribute: The specified subject is associated with the supplied attributes. A typical attribute statement asserts Subject S is associated with attributes X,Y,Z having values v1,v2,v3. Relying parties use attributes to make access control decisions SAML 1.1 is proposed to encode the user authentication token. a) Test Purpose: Verification of correct construction of SAML token. b) Test Method: For the purpose of this test, the conformance test environment has a copy of the Federating Entity private key, as well as its public key. Send an authentication request with credentials (username and password) that are recognised and validated by the Federating Entity authentication service, and receive in return a SAML token encrypted and signed by the Federating Entity. Decrypt SAML token using Federating Entity private key, and confirm structure of SAML token: valid SAML format, correct AuthenticationStatement, correct AttributeStatement. c) Reference: OGC 07-118r1, clauses 6.4.5 and 7.1.3 A.1.6 Authentication: Failed authentication request A SOAP fault must be returned in response to an authentication request with invalid credentials (invalid username or password). a) Test Purpose: Verification of fault response on failed authentication request. b) Test Method: Send an authentication request with invalid credentials (invalid username or password), and receive in return an appropriate SOAP fault. c) Reference: OGC 07-118r1, clause 7.1.4 A.1.7 Authorisation: Synchronous response Having obtained a SAML token from an authentication request, a user may submit an external service request to the Federating Entity. However, the service may not be invoked unless the requester is authorised to do so. Two

levels of policy enforcement may be applied at both the Federating Entity (e.g. controlling access to the service), and at the (external) Service Provider (e.g. controlling invocation of the specific request). The process used at both stages is the same: verifying the signed request, decrypting and verifying the SAML token, retrieving user information from the local user registry, enforcing authorisation policy. a) Test Purpose: Invocation of a requested service is not allowed unless the client has appropriate authorisation. This test verifies that an appropriately-authorised service request successfully completes. b) Test Method: A service request is sent to the Federating Entity; it contains a SAML token previously obtained through an authentication request. The user is authorised both to access the requested service, and to make the specific service request. The request executes successfully and results are returned in a synchronous response. c) Reference: OGC 07-118r1, clause 6.4.4.1 A.1.8 Authorisation: Asynchronous response Behaviour of a service request with asynchronous response is not completely defined by the User Management specification (07-118r1). Only internal behaviour is described, but interaction with a user/client is undefined. In particular, the response to the service request is first sent synchronously to the Federating Entity, which then processes the response with a dispatcher service, responsible for the asynchronous interaction with the client. As noted (07-118r1 clause 6.4.4.2), the response processing by the dispatcher service is not further described as it is implementation dependent and the persistence and correlation management required is outside the scope of this document. Since the interaction is implementation dependent, it is not appropriate to define a conformance test. A.1.9 Authorisation: Test module for failed authorisation requests A SOAP fault must be returned in response to a failed authorisation request. This may occur for any of a number of reasons: a non-present SAML token for a protected service, an invalid SAML token, an expired SAML token, not authorised to use service (determined by Federating Entity PEP), not authorised for specific service request (Service Provider PEP). A.1.9.1 Authorisation: Failed authorisation request (SAML token not supplied) a) Test Purpose: Verification of fault response authorisation request lacking required SAML token. b) Test Method: Send an authorisation request (i.e. a service request) with no SAML token present and receive in return an appropriate SOAP fault. c) Reference: OGC 07-118r1, clause 7.2.3 A.1.9.2 Authorisation: Failed authorisation request (invalid SAML token) a) Test Purpose: Verification of fault response on authorisation request with invalid SAML token. b) Test Method: Send an authorisation request (i.e. a service request) with an incorrectly structured SAML token and receive in return an appropriate SOAP fault.

c) Reference: OGC 07-118r1, clause 7.2.3 A.1.9.3 Authorisation: Failed authorisation request (expired SAML token) a) Test Purpose: Verification of fault response on authorisation request with expired SAML token. b) Test Method: Send an authorisation request (i.e. a service request) with an expired SAML token and receive in return an appropriate SOAP fault. c) Reference: OGC 07-118r1, clause 7.2.3 A.1.9.4 Authorisation: Failed authorisation request (not authorised to use service) a) Test Purpose: Verification of fault response on service request to unauthorised service. b) Test Method: Send a service request for a service the user is not authorised to access. An authorisation failure should be enforced by the Federating Entity PEP, and an appropriate SOAP fault returned. c) Reference: OGC 07-118r1, clauses 6.4.4.1 and 7.2.3 A.1.9.5 Authorisation: Failed authorisation request (specific request not authorised) a) Test Purpose: Verification of fault response on unauthorised service request to allowed service b) Test Method: Send an unauthorised service request to an allowed service (the request may be unauthorised due to its size, data access policies, etc.). An authorisation failure should be enforced by the Service Provider PEP, and an appropriate SOAP fault returned. c) Reference: OGC 07-118r1, clauses 6.4.4.1 and 7.2.3

Annex B: EXECUTABLE TEST SUITE (NORMATIVE) This section tbd.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information