SlideShare ist ein Scribd-Unternehmen logo

Identity, Security Credentials and XML Web Services

Als PPT, PDF herunterladen
Jorgen Thelin
Jorgen Thelin

The use of security credentials and concepts of single-sign-on and “identity” play a big part in Web Services as developers start writing enterprise-grade line-of-business applications. An overview is provided of the emerging XML security credential standards such as SAML, along with various “identity” standards such as Passport and Liberty. We examine how “identity aware” Web Service implementations need to be, and the value a Web Services platform can add in reducing complexity in this area, with lessons drawn from experiences using J2EE technology for real-world security scenarios.

Technologie
1 von 34
Identity, Security and XML Web Services Jorgen Thelin Chief Scientist Cape Clear Software Inc. E-mail: Jorgen.Thelin@CapeClear.com
Abstract ,[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cape Clear Software Inc. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Definition of Identity ,[object Object],[object Object],[object Object],[object Object],[object Object]
What is Identity? ,[object Object],[object Object],[object Object],[object Object]
Identity – Who are you? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identity – Proof of identity ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identity – Permissions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identity – Permissions and Credentials ,[object Object],[object Object],[object Object],[object Object],[object Object]
Web Services and Identity ,[object Object],[object Object],[object Object],[object Object]
Web Services and Identity 2 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
End-to-end Security Credentials Client WS Broker WS Gateway WS Gateway Firewall Firewall Firewall Firewall EJB Public Internet XML security credentials “ The Last Mile” Web Service CORBA
Interoperable Security Credentials ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WS-Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WS-Security - Types of Security Tokens ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Typical XML Security Dialogue – Non Self-Validating Credentials Need to query the security service to validate the credentials
Typical XML Security Dialogue – Self Validating Credentials No need to query the security service to validate the credentials. Usually done by the security authority digitally signing the credentials.
SAML v1.0 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SAML Assertion Types ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Username Token in WS-Security SOAP Header ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Binary X509 Certificate in WS-Security SOAP Header ,[object Object]
A SAML Assertion in WS-Security SOAP Header ,[object Object]
Single-sign-on Services ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Liberty Alliance ,[object Object],[object Object],[object Object],[object Object],[object Object]
Microsoft .NET Passport ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Need for a Sign-on Standard – WS-Trust ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WS-I Basic Security Profile ,[object Object],[object Object],[object Object]
Identity-awareness in Web Services ,[object Object],[object Object],[object Object]
Identity-awareness in Web Services - 2 ,[object Object],[object Object]
Identity-awareness in Web Services - 3 ,[object Object],[object Object]
Desired Web Services platform security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object],[object Object],[object Object]
Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Empfohlen

Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Oliver Pfaff
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular jsBixlabs
 
All About SSL/TLS
All About SSL/TLSAll About SSL/TLS
All About SSL/TLSRapidSSLOnline.com
 
SAML 101
SAML 101SAML 101
SAML 101Echoworx
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloudNagraj Rao
 
LASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthLASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthMike Schwartz
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersCorey Roth
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 

Empfohlen

Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Oliver Pfaff
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular jsBixlabs
 
All About SSL/TLS
All About SSL/TLSAll About SSL/TLS
All About SSL/TLSRapidSSLOnline.com
 
SAML 101
SAML 101SAML 101
SAML 101Echoworx
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloudNagraj Rao
 
LASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthLASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthMike Schwartz
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersCorey Roth
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaicationSean Xiong
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCloudIDSummit
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationSylvain Maret
 
Thawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustThawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustRapidSSLOnline.com
 
Authentication Concepts
Authentication ConceptsAuthentication Concepts
Authentication ConceptsCharles Southerland
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web Shreeraj Shah
 
Cloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialCloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialVMware Tanzu
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Vladimir Dzhuvinov
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Shreeraj Shah
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring SecurityOrest Ivasiv
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010Michael Noel
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossASRoger CARHUATOCTO
 
RESTful Day 5
RESTful Day 5RESTful Day 5
RESTful Day 5Akhil Mittal
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Alvaro Sanchez-Mariscal
 
Access management
Access managementAccess management
Access managementVenkatesh Jambulingam
 
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseShreeraj Shah
 
Web-services
Web-services Web-services
Web-services webhostingguy
 
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Jorgen Thelin
 

Weitere ähnliche Inhalte

Was ist angesagt?

Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaicationSean Xiong
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCloudIDSummit
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationSylvain Maret
 
Thawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustThawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustRapidSSLOnline.com
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web Shreeraj Shah
 
Cloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialCloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialVMware Tanzu
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Vladimir Dzhuvinov
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Shreeraj Shah
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring SecurityOrest Ivasiv
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010Michael Noel
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossASRoger CARHUATOCTO
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Alvaro Sanchez-Mariscal
 
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseShreeraj Shah
 

Was ist angesagt? (20)

Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
 
Thawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for TrustThawte EV SSL: A New Revolution for Trust
Thawte EV SSL: A New Revolution for Trust
 
Authentication Concepts
Authentication ConceptsAuthentication Concepts
Authentication Concepts
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
 
Cloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony FinancialCloud Native Journey in Synchrony Financial
Cloud Native Journey in Synchrony Financial
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010
 
OAuth2 and Spring Security
OAuth2 and Spring SecurityOAuth2 and Spring Security
OAuth2 and Spring Security
 
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
TechEd Africa 2011 - Collaborating with Extranet Partners on SharePoint 2010
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossAS
 
RESTful Day 5
RESTful Day 5RESTful Day 5
RESTful Day 5
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
 
Access management
Access managementAccess management
Access management
 
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
 

Ähnlich wie Identity, Security Credentials and XML Web Services

Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Jorgen Thelin
 
SSL Certificate: Stamp of Web Security
SSL Certificate: Stamp of Web SecuritySSL Certificate: Stamp of Web Security
SSL Certificate: Stamp of Web SecurityHTS Hosting
 
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL CertificateA Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL CertificateRapidSSLOnline.com
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerCheapSSLUSA
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of TrustYousof Alsatom
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityOliver Pfaff
 
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...CheapSSLsecurity
 
Website Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website SafeWebsite Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website SafePixlogix Infotech
 
What is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfWhat is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfAngelicaPantaleon3
 
Types of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business NeedTypes of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business Needawakish
 
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...Amazon Web Services
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commercemahesh tawade
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldMartin Georgiev
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldMartin Georgiev
 

Ähnlich wie Identity, Security Credentials and XML Web Services (20)

Web-services
Web-services Web-services
Web-services
 
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...Identity, Security, and XML Web Services -- The Importance of Interoperable S...
Identity, Security, and XML Web Services -- The Importance of Interoperable S...
 
SSL Certificate: Stamp of Web Security
SSL Certificate: Stamp of Web SecuritySSL Certificate: Stamp of Web Security
SSL Certificate: Stamp of Web Security
 
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL CertificateA Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
 
Lotusphere 2011 SHOW104
Lotusphere 2011 SHOW104Lotusphere 2011 SHOW104
Lotusphere 2011 SHOW104
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Understanding The World Of SSL Certificates.pdf
Understanding The World Of SSL Certificates.pdfUnderstanding The World Of SSL Certificates.pdf
Understanding The World Of SSL Certificates.pdf
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
 
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
Hidden Dangers Lurking in E-Commerce and Reducing Fraud with the Right SSL Ce...
 
Website Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website SafeWebsite Security Certification The Key to Keeping Your Website Safe
Website Security Certification The Key to Keeping Your Website Safe
 
What is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfWhat is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdf
 
Types of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business NeedTypes of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business Need
 
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
Managing Identity and Securing Your Mobile and Web Applications with Amazon C...
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commerce
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
 
Shmat ccs12
Shmat ccs12Shmat ccs12
Shmat ccs12
 
the-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-worldthe-most-dangerous-code-in-the-world
the-most-dangerous-code-in-the-world
 
Vps server 14
Vps server 14Vps server 14
Vps server 14
 

Mehr von Jorgen Thelin

The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarJorgen Thelin
 
Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011Jorgen Thelin
 
Identity Services Drilldown - TechEd NA 2009
Identity Services Drilldown - TechEd NA 2009Identity Services Drilldown - TechEd NA 2009
Identity Services Drilldown - TechEd NA 2009Jorgen Thelin
 
Protecting Online Identities - MIX09
Protecting Online Identities - MIX09Protecting Online Identities - MIX09
Protecting Online Identities - MIX09Jorgen Thelin
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
 
The New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRLThe New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRLJorgen Thelin
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007Jorgen Thelin
 
WS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process OverviewWS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process OverviewJorgen Thelin
 
Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)Jorgen Thelin
 
Web Services Discovery for Devices
Web Services Discovery for DevicesWeb Services Discovery for Devices
Web Services Discovery for DevicesJorgen Thelin
 
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)Jorgen Thelin
 
Making Sense Of Web Services
Making Sense Of Web ServicesMaking Sense Of Web Services
Making Sense Of Web ServicesJorgen Thelin
 
Interoperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) OverviewInteroperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) OverviewJorgen Thelin
 
Real World Business Interoperability
Real World Business InteroperabilityReal World Business Interoperability
Real World Business InteroperabilityJorgen Thelin
 
Achieving Interoperability Through Web Services
Achieving Interoperability Through Web ServicesAchieving Interoperability Through Web Services
Achieving Interoperability Through Web ServicesJorgen Thelin
 
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...Jorgen Thelin
 
Web Services Security Tutorial
Web Services Security TutorialWeb Services Security Tutorial
Web Services Security TutorialJorgen Thelin
 
Web Service Oriented Architecture
Web Service Oriented ArchitectureWeb Service Oriented Architecture
Web Service Oriented ArchitectureJorgen Thelin
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services ContainerJorgen Thelin
 
Server Farms and XML Web Services
Server Farms and XML Web ServicesServer Farms and XML Web Services
Server Farms and XML Web ServicesJorgen Thelin
 

Mehr von Jorgen Thelin (20)

The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected Car
 
Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011Orleans: Cloud Computing for Everyone - SOCC 2011
Orleans: Cloud Computing for Everyone - SOCC 2011
 
Identity Services Drilldown - TechEd NA 2009
Identity Services Drilldown - TechEd NA 2009Identity Services Drilldown - TechEd NA 2009
Identity Services Drilldown - TechEd NA 2009
 
Protecting Online Identities - MIX09
Protecting Online Identities - MIX09Protecting Online Identities - MIX09
Protecting Online Identities - MIX09
 
Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008Live Identity Services Drilldown - PDC 2008
Live Identity Services Drilldown - PDC 2008
 
The New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRLThe New Enterprise Alphabet - .Net, XML And XBRL
The New Enterprise Alphabet - .Net, XML And XBRL
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
 
WS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process OverviewWS-* Protocol Workshop Process Overview
WS-* Protocol Workshop Process Overview
 
Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)Web Services and Devices Profile for Web Services (DPWS)
Web Services and Devices Profile for Web Services (DPWS)
 
Web Services Discovery for Devices
Web Services Discovery for DevicesWeb Services Discovery for Devices
Web Services Discovery for Devices
 
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
Overview of Windows Vista Devices and Windows Communication Foundation (WCF)
 
Making Sense Of Web Services
Making Sense Of Web ServicesMaking Sense Of Web Services
Making Sense Of Web Services
 
Interoperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) OverviewInteroperability and Windows Communication Foundation (WCF) Overview
Interoperability and Windows Communication Foundation (WCF) Overview
 
Real World Business Interoperability
Real World Business InteroperabilityReal World Business Interoperability
Real World Business Interoperability
 
Achieving Interoperability Through Web Services
Achieving Interoperability Through Web ServicesAchieving Interoperability Through Web Services
Achieving Interoperability Through Web Services
 
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
Zero-Defects Plug and Play -- General Quality Frameworks and Processes for Ac...
 
Web Services Security Tutorial
Web Services Security TutorialWeb Services Security Tutorial
Web Services Security Tutorial
 
Web Service Oriented Architecture
Web Service Oriented ArchitectureWeb Service Oriented Architecture
Web Service Oriented Architecture
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services Container
 
Server Farms and XML Web Services
Server Farms and XML Web ServicesServer Farms and XML Web Services
Server Farms and XML Web Services
 

Kürzlich hochgeladen

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Kürzlich hochgeladen (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Identity, Security Credentials and XML Web Services

  • 1. Identity, Security and XML Web Services Jorgen Thelin Chief Scientist Cape Clear Software Inc. E-mail: Jorgen.Thelin@CapeClear.com
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13. End-to-end Security Credentials Client WS Broker WS Gateway WS Gateway Firewall Firewall Firewall Firewall EJB Public Internet XML security credentials “ The Last Mile” Web Service CORBA
  • 14.
  • 15.
  • 16.
  • 17. Typical XML Security Dialogue – Non Self-Validating Credentials Need to query the security service to validate the credentials
  • 18. Typical XML Security Dialogue – Self Validating Credentials No need to query the security service to validate the credentials. Usually done by the security authority digitally signing the credentials.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.