SOA Best Practices Digest

Although certain RESTful web services are of a ‘public’ nature and do not
have specific security requirements such as authentication and authorization,
any service that has an entry point from an untrusted network is subject to
attack and proper threat protection measures are always an essential

RESTful web services are closely aligned to the web itself and as such
inherit all traditional threats from the web. Although network level threats
are well understood and addressed by traditional firewall infrastructure,
RESTful web services type APIs are also subject to content (or message) level

For example, consider APIs where XML payloads are POSTed and/or PUT from
external requesters. A particularly dangerous threat was uncovered last
summer involving a vulnerability in most XML parsing libraries used at the
time. An... (more)
The Enterprise is buzzing with API initiatives these days. APIs not only
serve mobile applications, they are increasingly redefining how the
enterprise does B2B and integration in general. API management as a category
follows different models. On one hand, certain technology vendors offer
specialized infrastructure to handle the many aspects of API management. On
the other, an increasing number of SaaS vendors offer a service which you
subscribe to, providing a pre-installed, hosted, basic API management system.
Hybrid models are emerging, but that’s a topic for a future post.

The adoption of cloud by organizations looking for more efficient ways to
deploy their own IT assets or as a means to offset the burden of data
management drives the need for identity federation in the enterprise.
Compounding this is the mobile effect from which there is no turning back.
Data must be available any time, from anywhere and the identities accessing
it must be asserted on mobile devices, in cloud zones, always under the
stewardship of the enterprise.

APIs serve federation by enabling lightweight delegated authentication
schemes based on OAuth handshakes using the sa... (more)

The WS Secure Conversation specification describes a mechanism letting
multiple parties establish a context (using the WS Trust Request Security
Token standard) and secure subsequent SOAP exchanges. Each WS Secure
Conversation session has an associated shared secret. Instead of using this
shared secret directly to sign and encrypt the conversation's messages,
symmetric keys are derived from the secret itself. Deriving new keys for each
message and different keys for signature and encryption limits the amount of
data that an attacker can analyze in attempting to compromise the con... (more)

Imagine a fresh business relationship between ACME Corporation and Partner.
As a result of this relationship, ACME wants to grant Partner limited access
to one of its core internal applications. They do this, naturally, by
exposing a Web service.

Why Identity Federation?

Boris (an employee at Partner) sends a SOAP request to the ACME Web service
along with some password or proof-of-possession type credentials. Because
Boris's identity is managed outside of ACME, those credentials cannot be
authenticated using ACME's authentication infrastructure.

To circumvent this issue, one cou... (more)