Technik und Informatik. SOAP Security. Prof. Dr. Eric Dubuis Berner Fachhochschule Biel. Version April 11, 2012




Overview
Motivation
Transport security versus SOAP security
WS-Security stack overview
Structure of secured SOAP messages
Security tokens
Encrypting SOAP messages
Signing SOAP messages
Timestamps
SOAP Security 2

Motivation
SOAP messages are text documents. As such, they contain valuable data in clear text.
Such data may be confidential.
Such data may be subject to tampering.
The starting point for SOAP security is SOAP Message Security 1.1 (WS-Security 2004):
http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf

Position of SOAP Security
Application level: XML documents, secured with XML Signature and XML Encryption
Message level: the SOAP message, secured with WS-Security
Transport level: TCP, secured with SSL / TLS
XML Signature: http://www.w3.org/TR/xmldsig-core/
XML Encryption: http://www.w3.org/TR/xmlenc-core/
WS-Security, SOAP Message Security: http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf
SSL, Secure Socket Layer: http://web.archive.org/web/20080208141212/http://wp.netscape.com/eng/ssl3/
TLS, Transport Layer Security: http://www.ietf.org/rfc/rfc4346.txt

Transport Security versus Message Security
(Figure: a client program and a server program exchange a message through an SSL/TLS tunnel.)
On the client, messages are in the clear.
In the pipe, messages are encrypted back and forth.
On the server, messages are in the clear.
SSL, Secure Socket Layer: http://web.archive.org/web/20080208141212/http://wp.netscape.com/eng/ssl3/
TLS, Transport Layer Security: http://www.ietf.org/rfc/rfc4346.txt

Transport Security versus Message Security
Transport security
  Pros: mature, big support, well understood, relatively simple
  Cons: point to point only, all-or-nothing security
Message security
  Pros: security attached to the message itself, selective, flexible
  Cons: complex, many standards

WS-Security Stack
(Figure.) Source: http://msdn.microsoft.com/en-us/library/aa480548.appx_interopcons_f01(en-us,msdn.10).gif

WS-Security Namespaces For These Slides
Prefix  Short for               Namespace
ds      XML Signature           http://www.w3.org/2000/09/xmldsig#
wsse    WS-Security extension   http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
wsu     Web services utility    http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
xenc    XML Encryption          http://www.w3.org/2001/04/xmlenc#
Unless otherwise noted, SOAP Message Security 1.1 is addressed in these notes, see WS-Security:
http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf

Extending SOAP with Security: Structure (I)
<S:Envelope>
  <S:Header>
    <wsse:Security>
      <!-- see next slide -->
    </wsse:Security>
  </S:Header>
  <S:Body wsu:Id="body">
    <!-- the content of the S:Body element is encrypted -->
    <xenc:EncryptedData Id="bodyID" Type="http://www.w3.org/2001/04/xmlenc#Content">
      ...
    </xenc:EncryptedData>
  </S:Body>
</S:Envelope>
SOAP 1.1: http://www.w3.org/TR/soap11/
SOAP 1.2: http://www.w3.org/TR/soap12-part1/, http://www.w3.org/TR/soap12-part2/

Extending SOAP with Security: Structure (II)
<wsse:Security>
  ...
  <!-- XML encrypted key -->
  <xenc:EncryptedKey>...</xenc:EncryptedKey>
  <!-- XML encryption reference list -->
  <xenc:ReferenceList>
    <xenc:DataReference URI="#tokenID"/>
    <xenc:DataReference URI="#bodyID"/>
  </xenc:ReferenceList>
  <!-- security token (here an encrypted one) -->
  <xenc:EncryptedData Id="tokenID" ...>...</xenc:EncryptedData>
  <!-- XML Signature -->
  <ds:Signature>
    ...
    <ds:Reference URI="#timestamp">...</ds:Reference>
    <ds:Reference URI="#body">...</ds:Reference>
  </ds:Signature>
</wsse:Security>
The optional encrypted key list carries the encrypted keys used for encryption.
The optional reference list is a manifest of the encrypted portions of the SOAP message.
The signatures are performed prior to encryption!

Extending SOAP with Security: Summary of Structural Elements
The following elements can be embedded within the <wsse:Security> element:
Encrypted keys: zero, one, or more embedded keys
Reference list: zero, one, or more references to encrypted parts
Security tokens: zero, one, or more (but usually not more than one) security tokens; they may be encrypted
Signatures: zero, one, or more XML signatures. If an XML signature is included, at minimum it signs all or part of the SOAP body.

Encrypted Key Element
<xenc:EncryptedKey Id="_5002" ...>
  <xenc:EncryptionMethod .../>
  <ds:KeyInfo ...>
    <wsse:SecurityTokenReference>
      <ds:X509Data>
        <ds:X509IssuerSerial>
          <ds:X509IssuerName>CN=...</ds:X509IssuerName>
          <ds:X509SerialNumber>2</ds:X509SerialNumber>
        </ds:X509IssuerSerial>
      </ds:X509Data>
    </wsse:SecurityTokenReference>
  </ds:KeyInfo>
  <xenc:CipherData>
    <xenc:CipherValue>oo...yc=</xenc:CipherValue>
  </xenc:CipherData>
</xenc:EncryptedKey>

Reference List
Shows the encrypted parts of the SOAP message. Optional.
<xenc:ReferenceList ...>
  <xenc:DataReference URI="#_5009"/>
  <xenc:DataReference URI="#_5010"/>
</xenc:ReferenceList>

Security Tokens: Overview
Examples of security tokens:
  User name with password token
  X.509 certificate token (binary)
  Kerberos ticket (binary)
  Encrypted data token
  SAML assertion
Types of security tokens:
  User name tokens (two variants)
  Binary tokens (many)
  XML tokens (many)
  Encrypted tokens: a security token that is encrypted (most often the case). The recipient knows how to decrypt it to obtain the effective token.

Security Tokens: User Name Token
Basic <UsernameToken> with clear-text password:
<S:Envelope>
  <S:Header>
    ...
    <wsse:Security>
      <wsse:UsernameToken>
        <wsse:Username>alice</wsse:Username>
        <wsse:Password>ilovedogs</wsse:Password>
      </wsse:UsernameToken>
    </wsse:Security>
    ...
  </S:Header>
  ...
</S:Envelope>
Username Token Profile 1.1: http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-UsernameTokenProfile.pdf

Security Tokens: User Name with Password Digest
Basic idea: provides an alternative to the clear-text password approach.
The sender hashes some random information together with the password.
The receiver performs the same computation.
The receiver compares the computed value with the one received.
Further elements:
Nonce: a random value to prevent replay attacks. That is, the receiver caches the values obtained so far and discards any request carrying a value it has already seen.
Time stamp: allows the server to clear old, obsolete entries from its nonce cache.
Password Digest = Base64 ( SHA-1 ( nonce + created + password ) )

Security Tokens: Example of User Name with Password Digest
<wsse:Security>
  <wsse:UsernameToken xmlns:wsse="...wss-wssecurity-secext-1.0.xsd"
                      xmlns:wsu="...wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>alice</wsse:Username>
    <wsse:Password Type="wsse:PasswordDigest">D2A12DFE8D9F0C6BB82C89B091DF5C8A872F94DC</wsse:Password>
    <wsse:Nonce>efd89f06ccb28c89</wsse:Nonce>
    <wsu:Created>2007-10-13T09:00:00Z</wsu:Created>
  </wsse:UsernameToken>
</wsse:Security>
You don't see the real password here...
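The digest scheme of the two preceding slides, worked through on both sides as an added example (not code from the slides): the sender computes Base64(SHA-1(nonce + created + password)), and the receiver recomputes it, keeps a nonce cache against replays, and uses the Created value both to reject stale tokens and to expire cache entries. The token carries the nonce base64-encoded and the profile hashes the decoded nonce bytes; the user names, passwords, nonces and times below are constructed, and the credential store is a plain dict standing in for a real one.

```python
import base64
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone


def password_digest(nonce_b64: str, created: str, password: str) -> str:
    """Slide formula: Base64(SHA-1(nonce + created + password)).

    The token carries the nonce base64-encoded; the digest is computed over the
    decoded nonce bytes, then the Created string, then the password."""
    raw = base64.b64decode(nonce_b64) + created.encode("utf-8") + password.encode("utf-8")
    return base64.b64encode(hashlib.sha1(raw).digest()).decode("ascii")


def parse_created(created: str) -> datetime:
    """Parse a wsu:Created value (UTC, second precision as on the slide)."""
    return datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def make_username_token(username: str, password: str, created: str, nonce: bytes = b"") -> dict:
    """Sender side: the four fields of a digest UsernameToken (constructed values)."""
    nonce_b64 = base64.b64encode(nonce or os.urandom(16)).decode("ascii")
    return {"Username": username, "Nonce": nonce_b64, "Created": created,
            "Password": password_digest(nonce_b64, created, password)}


def render_username_token(tok: dict) -> str:
    """Serialise the token in the shape of slide 17 (element names in proper case)."""
    return ("<wsse:UsernameToken>"
            f"<wsse:Username>{tok['Username']}</wsse:Username>"
            f'<wsse:Password Type="wsse:PasswordDigest">{tok["Password"]}</wsse:Password>'
            f"<wsse:Nonce>{tok['Nonce']}</wsse:Nonce>"
            f"<wsu:Created>{tok['Created']}</wsu:Created>"
            "</wsse:UsernameToken>")


class UsernameTokenVerifier:
    """Receiver side: recompute the digest, reject replayed nonces, and use
    Created both to reject stale tokens and to expire old cache entries."""

    def __init__(self, passwords: dict, freshness=timedelta(minutes=5), skew=timedelta(seconds=30)):
        self._passwords = passwords   # constructed credential store: username -> password
        self._freshness = freshness   # how long a Created value stays acceptable
        self._skew = skew             # tolerated clock drift into the future
        self._seen = {}               # replay cache: nonce -> Created

    def verify(self, tok: dict, now: datetime) -> str:
        created = parse_created(tok["Created"])
        cutoff = now - self._freshness
        # The time stamp lets the cache forget nonces older than the freshness window.
        self._seen = {n: t for n, t in self._seen.items() if t >= cutoff}
        if created < cutoff or created > now + self._skew:
            return "stale"
        if tok["Nonce"] in self._seen:
            return "replay"
        # Hash against an empty password for unknown users so both paths do the same work.
        expected = password_digest(tok["Nonce"], tok["Created"], self._passwords.get(tok["Username"], ""))
        if tok["Username"] not in self._passwords or not hmac.compare_digest(expected, tok["Password"]):
            return "bad credentials"
        self._seen[tok["Nonce"]] = created
        return "ok"
```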

Binary Security Tokens: Overview
Template for binary tokens:
<wsse:BinarySecurityToken wsu:Id="..." EncodingType="..." ValueType="...">
  ...binary data...
</wsse:BinarySecurityToken>
Encoding type: how the binary data is encoded. Most often: wsse:Base64Binary
Value type: the type of token. Can be an X.509 v3 certificate or one of the Kerberos tickets.

X.509 V3 Certificate as Binary Token
An example of an X.509 v3 certificate as a binary token looks like:
<wsse:BinarySecurityToken wsu:Id="myX509Token" ValueType="wsse:X509v3"
                          EncodingType="wsse:Base64Binary">NIFEPzQ......CrAwIBAgIQEm FExErTECA</wsse:BinarySecurityToken>
With a certificate, you authenticate yourself to the receiver by signing an element with your private key; the receiver validates the signed element with the certificate's public key, provided it trusts the issuing certificate authority.
X.509 Certificate Token Profile 1.1: http://www.oasis-open.org/committees/download.php/16785/wss-v1.1-spec-os-x509TokenProfile.pdf

Relating an XML Signature with an X.509 V3 Certificate
You learned: an XML signature (optionally) has a KeyInfo element:
<ds:KeyInfo>
  <ds:KeyValue>...</ds:KeyValue>
  <ds:X509Data>...</ds:X509Data>
</ds:KeyInfo>
WS-Security, however, recommends:
<ds:KeyInfo>
  <wsse:SecurityTokenReference>
    <wsse:Reference URI="#myX509Token"/>
  </wsse:SecurityTokenReference>
</ds:KeyInfo>
You don't include the certificate here but reference it...

Kerberos Tokens
Two types of tokens: Ticket Granting Ticket (TGT) and Service Ticket (ST).
You specify the type of Kerberos token with the attribute ValueType.
An example of a TGT Kerberos token looks like:
<wsse:BinarySecurityToken wsu:Id="myKerberosToken" ValueType="wsse:Kerberosv5TGT"
                          EncodingType="wsse:Base64Binary">ABCDEFG...CrAwIBAgIQEm... QwErTY</wsse:BinarySecurityToken>
Kerberos Token Profile 1.1: http://www.oasis-open.org/committees/download.php/16788/wss-v1.1-spec-os-KerberosTokenProfile.pdf

XML Tokens
Several kinds of XML tokens exist:
  SAML assertions
  XrML / REL tokens
  XCBF tokens
We will discuss SAML assertions in a later session.

Encrypted Data Tokens (in the <Security> Header)
A token that needs to be decrypted by the recipient. An <xenc:EncryptedData> element is used:
<xenc:EncryptedData Id="_5009" ...>
  <xenc:EncryptionMethod Algorithm="...#aes128-cbc"/>
  <ds:KeyInfo ...>
    <wsse:SecurityTokenReference wsse11:TokenType="...#EncryptedKey">
      <wsse:Reference URI="#_5002" ValueType="...#EncryptedKey"/>
    </wsse:SecurityTokenReference>
  </ds:KeyInfo>
  <xenc:CipherData>
    <xenc:CipherValue>yw...==</xenc:CipherValue>
  </xenc:CipherData>
</xenc:EncryptedData>
Encrypted Data Tokens: http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf, section 6.5

Referencing Security Tokens
In XML, an element is identified by an Id or by a key.
Different types of security tokens use different strategies for unique identifiers.
Problem: how to reference security tokens from other places in the message?
Solution: WS-Security introduces Security Token References.
Within a Security Token Reference, there are three possibilities:
  direct reference to the element
  key identifier
  key name (not recommended because of the uniqueness problem)
Additional alternative: you can embed the security token directly in the Security Token Reference.

Example of a Direct Security Token Reference
A direct Security Token Reference looks like:
<wsse:SecurityTokenReference xmlns:wsse="...wss-wssecurity-secext-1.0.xsd">
  <wsse:Reference URI="http://www.company.com/certs/alice#X509token" ValueType="wsse:X509v3"/>
</wsse:SecurityTokenReference>

Example of a Key Identifier Security Token Reference
A Key Identifier Security Token Reference looks like:
<wsse:SecurityTokenReference>
  <wsse:KeyIdentifier ValueType="wsse:X509v3">
    uthyqbrcgfu4xmo14md/iygyyig=
  </wsse:KeyIdentifier>
</wsse:SecurityTokenReference>

Example of an Embedded Security Token
A security token can be embedded into a Security Token Reference:
<wsse:SecurityTokenReference>
  <wsse:Embedded>
    <wsse:BinarySecurityToken ValueType="wsse:X509v3" EncodingType="wsse:Base64Binary" wsu:Id="X509Token">
      MIIEZzCCA9CgAwIBAgIQEmtJZc0rqrKh5i...
    </wsse:BinarySecurityToken>
  </wsse:Embedded>
</wsse:SecurityTokenReference>

Signature
Used to sign different parts of the SOAP message:
<ds:Signature ...>
  <ds:SignedInfo>
    <ds:CanonicalizationMethod ...>...</ds:CanonicalizationMethod>
    <ds:SignatureMethod Algorithm="...#hmac-sha1"/>
    <ds:Reference URI="#_5003">
      <ds:Transforms>...</ds:Transforms>
      <ds:DigestMethod Algorithm=".../xmldsig#sha1"/>
      <ds:DigestValue>oyq...=</ds:DigestValue>
    </ds:Reference>
    ... <!-- many references to signed parts of the SOAP message -->
  </ds:SignedInfo>
  <ds:SignatureValue>0...=</ds:SignatureValue>
  <ds:KeyInfo>
    <wsse:SecurityTokenReference ...>...</wsse:SecurityTokenReference>
  </ds:KeyInfo>
</ds:Signature>

Encrypting SOAP Messages
On SOAP message encryption:
  Based on XML Encryption.
  However, a few features need to be discussed in the context of SOAP encryption.
  The Envelope, Header and Body tags themselves are never encrypted (only their content is).
Modes of encryption:
  Shared key XML encryption
  Wrapped key XML encryption
  Encrypting attachments (not discussed)
Examples are given on the next slides.

SOAP Encryption Based on Shared Key XML Encryption
Assume a shared key is known to the sender and the receiver.
An optional Reference List in the security header points to the parts of the message that have been encrypted:
<S:Envelope>
  <S:Header>
    <wsse:Security>
      <xenc:ReferenceList>
        <xenc:DataReference URI="#body"/>
      </xenc:ReferenceList>
    </wsse:Security>
  </S:Header>
  <S:Body>
    <!-- encrypted data; the shared secret key is known to the receiver -->
    <xenc:EncryptedData Id="body">
      <xenc:CipherData>...</xenc:CipherData>
    </xenc:EncryptedData>
  </S:Body>
</S:Envelope>

SOAP Encryption Based on Wrapped Key XML Encryption (I)
A generated symmetric key (the shared key) is used for encrypting (parts of) the body.
Then, the shared key is encrypted using the recipient's public key.
<S:Envelope>
  <S:Header>
    <wsse:Security>
      <xenc:EncryptedKey>
        <xenc:EncryptionMethod Algorithm="..."/>
        <!-- which key to use for decrypting the shared key? -->
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:KeyIdentifier EncodingType="wsse:Base64Binary" ValueType="wsse:X509v3">F2J...</wsse:KeyIdentifier>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <!-- the encrypted shared key -->
        <xenc:CipherData>
          <xenc:CipherValue>aecdjs78wea...yxc</xenc:CipherValue>
        </xenc:CipherData>
        <!-- what is encrypted? -->
        <xenc:ReferenceList>
          <xenc:DataReference URI="#body"/>
        </xenc:ReferenceList>
      </xenc:EncryptedKey>
    </wsse:Security>
  </S:Header>
Note: the reference list can also be placed outside of the EncryptedKey element.

SOAP Encryption Based on Wrapped Key XML Encryption (II)
Encrypted body:
<S:Envelope>
  ...
  <S:Body>
    <xenc:EncryptedData Id="body">
      <xenc:CipherData>
        <xenc:CipherValue>...</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </S:Body>
</S:Envelope>

Signing SOAP Messages
Used for verifying message integrity.
Used for verifying security token integrity.
XML signatures are put into the security header.
The detached signature model is the only one allowed (due to the mutability of headers).
<S:Envelope>
  <S:Header>
    <wsse:Security>
      <ds:Signature>
        <ds:Reference URI="#body">...
  <S:Body wsu:Id="body">

An Example of a Signed SOAP Message (I)
<S:Envelope>
  <S:Header>
    <wsse:Security>
      <!-- this is an X.509 certificate used as security token -->
      <wsse:BinarySecurityToken ValueType="wsse:X509v3" EncodingType="wsse:Base64Binary"
                                wsu:Id="X509Token">figezzcr...</wsse:BinarySecurityToken>
      <ds:Signature>
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="...xml-exc-c14n#"/>
          <ds:SignatureMethod Algorithm="...rsa-sha1"/>
          <ds:Reference URI="#body">
            <ds:Transforms>
              <ds:Transform Algorithm="...xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="...#sha1"/>
            <ds:DigestValue>eulddytso1...</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
to be continued...

An Example of a Signed SOAP Message (II)
... continued
        <ds:SignatureValue>xld...</ds:SignatureValue>
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference URI="#X509Token"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
  </S:Header>
  <S:Body wsu:Id="body">
    <StatusRequest xmlns="http://www.mycompany.com/order">
      <OrderNumber>1234</OrderNumber>
    </StatusRequest>
  </S:Body>
</S:Envelope>
The body is signed...
The signature was produced with the private key belonging to the X.509 certificate; the receiver verifies it with the public key attached to that certificate.

Signing and Encrypting a SOAP Message
If a producer signs a message before encryption, then the following ordering is applied:
  The <Signature> element with all its <Reference> elements is computed and added to the <Security> header.
  The encryption elements such as <EncryptedKey>, <ReferenceList>, and <EncryptedData> are added to the <Security> header in front of the <Signature> element.
(Figure: sketch of the above order.)
If encryption is used first, and then signing, the order changes accordingly (order matters).

Message Time Stamps
WS-Security defines message timestamps.
Message timestamps define the freshness of a message.
Message timestamps are introduced in the header.
Message timestamps should be signed.
Example:
<S:Envelope>
  <S:Header>
    <wsu:Timestamp>
      <wsu:Created>2001-04-03T08:42:00Z</wsu:Created>
      <wsu:Expires>2001-04-04T09:00:00Z</wsu:Expires>
    </wsu:Timestamp>
    ...
  </S:Header>
  <S:Body>
    ...
  </S:Body>
</S:Envelope>
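The structural rules of slides 11, 33, 36 and 37 (the body is signed, the timestamp is signed and fresh, each signature reference resolves to exactly one wsu:Id, encryption elements precede the Signature when signing comes first), checked over a constructed envelope as an added example that is not part of the slides. It uses the namespace URIs from slide 8 and the SOAP 1.1 envelope namespace; it audits the header's shape only and verifies no digest or signature value.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "S": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
WSU_ID = "{%s}Id" % NS["wsu"]
SIG_TAG = "{%s}Signature" % NS["ds"]
ENC_TAGS = {"{%s}%s" % (NS["xenc"], n) for n in ("EncryptedKey", "ReferenceList", "EncryptedData")}

# Constructed request in the shape of slides 34/35, plus a signed timestamp (slide 37).
SAMPLE = """<S:Envelope xmlns:S="{S}" xmlns:wsse="{wsse}" xmlns:wsu="{wsu}" xmlns:ds="{ds}" xmlns:xenc="{xenc}">
 <S:Header><wsse:Security>
  <wsu:Timestamp wsu:Id="timestamp"><wsu:Created>2012-04-11T08:42:00Z</wsu:Created>
   <wsu:Expires>2012-04-11T09:00:00Z</wsu:Expires></wsu:Timestamp>
  <wsse:BinarySecurityToken wsu:Id="X509Token" ValueType="wsse:X509v3"
   EncodingType="wsse:Base64Binary">MIIE...</wsse:BinarySecurityToken>
  <ds:Signature><ds:SignedInfo>
   <ds:Reference URI="#timestamp"><ds:DigestValue>..</ds:DigestValue></ds:Reference>
   <ds:Reference URI="#body"><ds:DigestValue>..</ds:DigestValue></ds:Reference>
  </ds:SignedInfo><ds:SignatureValue>..</ds:SignatureValue>
  <ds:KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI="#X509Token"/>
  </wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature>
 </wsse:Security></S:Header>
 <S:Body wsu:Id="body"><StatusRequest xmlns="http://www.mycompany.com/order">
  <OrderNumber>1234</OrderNumber></StatusRequest></S:Body>
</S:Envelope>""".format(**NS)


def parse_utc(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def audit_envelope(xml_text: str, now: datetime) -> list:
    """Structural policy checks only; returns a list of findings, [] when clean."""
    root = ET.fromstring(xml_text)
    sec = root.find("S:Header/wsse:Security", NS)
    if sec is None:
        return ["no wsse:Security header"]
    findings = []
    ids = {}  # wsu:Id -> elements carrying it; a duplicate makes a reference ambiguous
    for el in root.iter():
        if el.get(WSU_ID):
            ids.setdefault(el.get(WSU_ID), []).append(el)
    ts = sec.find("wsu:Timestamp", NS)
    if ts is None:
        findings.append("no wsu:Timestamp in the Security header")
    elif not parse_utc(ts.findtext("wsu:Created", namespaces=NS)) <= now <= parse_utc(ts.findtext("wsu:Expires", namespaces=NS)):
        findings.append("timestamp outside its Created..Expires window")
    sigs = sec.findall("ds:Signature", NS)
    if not sigs:
        findings.append("no ds:Signature in the Security header")
    signed = set()  # elements covered by some ds:Reference
    for ref in (r for sig in sigs for r in sig.findall("ds:SignedInfo/ds:Reference", NS)):
        uri = ref.get("URI", "")
        targets = ids.get(uri[1:], []) if uri.startswith("#") else []
        if len(targets) != 1:
            findings.append("Reference %r resolves to %d elements" % (uri, len(targets)))
        else:
            signed.add(targets[0])
    body = root.find("S:Body", NS)
    if body is not None and body not in signed:
        findings.append("S:Body is not covered by a signature")
    if ts is not None and ts not in signed:
        findings.append("wsu:Timestamp is not covered by a signature")
    # Sign-then-encrypt (slide 36): encryption elements belong in front of the Signature.
    kids = list(sec)
    first_sig = next((i for i, k in enumerate(kids) if k.tag == SIG_TAG), None)
    if first_sig is not None and any(k.tag in ENC_TAGS for k in kids[first_sig + 1:]):
        findings.append("encryption element placed after the Signature")
    return findings
```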