SECTET: Model Driven Security of Service Oriented Systems based on Security-as-a-Service (PowerPoint presentation)


SLIDE 1

Japan-Austria Joint Workshop on "ICT"
October 18-19 2010, Tokyo, Japan

SECTET: Model Driven Security of Service Oriented Systems based on Security-as-a-Service

Basel Katt, Ruth Breu, Mukhtiar Memon and Michael Hafner
Research Group Quality Engineering, University of Innsbruck

SLIDE 2

Quality Engineering: Selected Projects

SLIDE 3

Quality Engineering: Laura Bassi Lab "Living Models for Collaborative Systems"

Industry Partners

SLIDE 4

Agenda

  • Motivation
    - Service Oriented Systems
    - Challenges
  • Healthcare Scenario
  • SECTET: Model based configuration of Service Oriented Systems
    - Model Driven Security (MDS)
    - Security as a Service (SeAAS) Architecture
  • Conclusion

SLIDE 5

Service Oriented Systems

  • Independent partners offer and call services
  • Collaboration across enterprises and systems
  • New generation of cooperative applications
    - Electronic health record, traffic management, energy trading, etc.

SLIDE 6

Challenges

  • Collaborative systems based on SOA
    - Dynamically composed, language and technology independent
    - Agile and dynamically evolving systems
  • Standards only address basic security requirements
    - Solve these requirements at a low technical level
  • Security enforcement at the service end points
    - Places significant processing burden on service nodes
    - Renders maintenance and management cumbersome

SLIDE 7

Goals

  • The gap between domain experts and software engineers
  • Maintainability and "configurability" of security services
    - Ability to re-configure after deployment due to requirement changes or mechanisms' updates
    - Support of multiple security architectures for each requirement
  • Enforcement
    - Enforcing complex security requirements
    - Consistent enforcement of security policies in enterprise-level solutions
  • Performance
    - Security services involve performance-costly functions

SLIDE 8

Example – Distributed Electronic Health Record (EHR)

[Figure: Health Network Tyrol]

SLIDE 9

Example – Healthcare Scenario

  • EHR represents a consolidated virtual medical record
    - Distributed across various care providers

[Figure: the patient's Virtual Electronic Health Record (Electronic Medical Record) assembled from patient records held by a General Practitioner, Public Healthcare Provider A (Referral, Diagnosis), a Specialist, a 3rd Party Institution (Radiography) and Private Healthcare Provider B]

SLIDE 10

Example – Healthcare Scenario

  • Inter-organizational workflows
    - Services that can be offered or called by each partner
    - Functional interaction between different stakeholders (roles)
  • Security requirements
    - Non-repudiation and authentication

SLIDE 11

SECTET – Model-Based Configuration of Service Oriented Systems

Security Requirements

  1. MDS: Models (business security policies as UML diagrams) configure the services of a security architecture
  2. SeAAS: The security architecture is based on the security-as-a-service paradigm

SLIDE 12

SECTET Methodology – Model Driven Security (MDS)

[Figure: traditional MDS approach compared with the SECTET MDS approach]

SLIDE 13

SECTET Model Driven Security Process

  • Two procedures are considered in the SECTET MDS approach
    - Architectural pattern refinement
    - Security policy model transformations
  • Two artifacts are generated
    - Security policy configuration
    - Security service process configuration

[Figure: process steps: define abstract security policy; define/select abstract architectural pattern and define platform-independent policy model; transform to platform-specific pattern and transform to platform-specific policy; generate process configuration and generate policy configuration; deploy configurations]

SLIDE 14

Model Driven Security (MDS) – Benefits

  • Integrate security concerns in the early stage of system development
  • Enrich functional models with security extensions that represent abstract security policies
  • Generate declarative security policies and process configurations
  • Separate tasks between domain experts, security experts and the system administration
  • Support multiple security patterns for each requirement
  • Enhance management and configurability of the architecture

SLIDE 15

Security Enhanced Functional Models

[Figure: three models of the healthcare scenario.
Role Model: <<domainRole>> Patient, PrimaryPhysician and RadiographySpecialist; <<partnerRole>> Clinic and PathologyLab, each associated with domain roles (multiplicity 1 to *).
Document Model: <<document>> PatientMedicalRecord, Radiography, Prescription and Referral.
Interface Model: <<interface>> MedicalSystem with the operations + CreatePMR(), + ReferToSpecialist(), + ViewPMR() and + UpdatePMR()]

SLIDE 16

Abstract Security Models Layer

[Figure: Abstract Authentication Policy; Security Architectural Patterns; Security Policy Model; Model Instance; Security Policy; Platform Specific Architecture]

SLIDE 17

Model Driven Security – Architectural Patterns

Security Pattern Refinement Example: Authentication

  1) Platform-independent refinement to security architectural pattern
  2) Platform-specific refinement to target architecture

SLIDE 18

Model Driven Security – Security Policies

SLIDE 19

Runtime Platform – Model Transformations

[Figure: Source Models (Security Policy Models, Platform-specific Pattern architecture) are combined with Transformation Templates to produce the Generated Code shown below]

Generated Code (fragments in the order shown on the slide; ".." and "..." mark parts elided on the slide):

Security service process configuration (BPEL, non-repudiation protocol):

  <bpws:process exitOnStandardFault="yes" name="NRP">
    <bpws:partnerLinks>
      <bpws:partnerLink myRole="nro" name="localNROLink" partnerLinkType="tns:NRProcess"/>
    </bpws:partnerLinks>
    ...
      <bpws:invoke operation="requestNRO" partnerLink="remoteNROLink"
                   portType="tns:NRO" inputVariable="evidenceRequest"/>
      <bpws:receive operation="receiveNRO" partnerLink="localNRRLink"
                    portType="tns:NRR" variable="receiveEvidence">
    ...
    </bpws:sequence>
  </bpws:process>

Security policy configuration (WS-SecurityPolicy):

  <wsp:Policy xmlns:wsp="http:// …. /policy">
    <wsp:ExactlyOne>
      <sp:AsymmetricBinding>
        <sp:InitiatorToken>
          <sp:X509Token sp:IncludeToken=".../AlwaysToRecipient">
            <sp:WssX509V3Token10 />
          </sp:X509Token>
        </sp:InitiatorToken>
        <sp:RecipientToken> .. </sp:RecipientToken>
        <sp:AlgorithmSuite> <sp:TripleDesRsa15 /> </sp:AlgorithmSuite>
        ...
        <sp:IncludeTimestamp />
      </sp:SignedEncryptedSupportingTokens>
      <sp:SignedElements>
        <sp:XPath xmlns:env=".../">//env:Body/*[1]</sp:XPath>
      </sp:SignedElements>
      ..
      <sp:ContentEncryptedElements>
        <sp:XPath xmlns:env=".../">//env:Body/*[1]</sp:XPath>
      </sp:ContentEncryptedElements>
    </wsp:ExactlyOne>
  </wsp:Policy>
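The two refinement steps of slides 13 and 17, carried through to the kind of WS-SecurityPolicy shown above, as an added Python example that is not part of the SECTET tooling: an abstract requirement is first mapped onto a hypothetical architectural pattern (the pattern names and properties are assumptions standing in for the pattern catalogue) and then rendered as WS-SecurityPolicy 1.2 assertions. The namespace URIs, which the slide elides, are the published WS-Policy 1.5, WS-SecurityPolicy 1.2 and SOAP 1.2 ones.

```python
import xml.etree.ElementTree as ET

# Namespaces of WS-Policy 1.5, WS-SecurityPolicy 1.2 and SOAP 1.2 (the slide elides them as "...").
WSP = "http://www.w3.org/ns/ws-policy"
SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
ENV = "http://www.w3.org/2003/05/soap-envelope"
INCLUDE_ALWAYS = SP + "/IncludeToken/AlwaysToRecipient"
BODY_XPATH = "//env:Body/*[1]"  # the XPath used by the generated policy on slide 19
for prefix, uri in (("wsp", WSP), ("sp", SP)):
    ET.register_namespace(prefix, uri)

# Step 1, platform-independent refinement: abstract requirement -> architectural pattern (hypothetical names).
PATTERNS = {
    "authentication": {"binding": "x509-mutual", "sign_body": True, "timestamp": True},
    "non-repudiation": {"binding": "x509-mutual", "sign_body": True, "timestamp": True,
                        "encrypt_body": True},
}

def refine(requirement):
    # abstract security policy -> platform-independent policy model
    return {"requirement": requirement, **PATTERNS[requirement]}

# Step 2, platform-specific refinement: render the pattern as one WS-SecurityPolicy alternative.
def transform(model):
    wsp = lambda tag: f"{{{WSP}}}{tag}"
    sp = lambda tag: f"{{{SP}}}{tag}"
    policy = ET.Element(wsp("Policy"))
    alt = ET.SubElement(ET.SubElement(policy, wsp("ExactlyOne")), wsp("All"))
    if model["binding"] == "x509-mutual":
        binding = ET.SubElement(ET.SubElement(alt, sp("AsymmetricBinding")), wsp("Policy"))
        for side in ("InitiatorToken", "RecipientToken"):
            holder = ET.SubElement(ET.SubElement(binding, sp(side)), wsp("Policy"))
            token = ET.SubElement(holder, sp("X509Token"), {sp("IncludeToken"): INCLUDE_ALWAYS})
            ET.SubElement(ET.SubElement(token, wsp("Policy")), sp("WssX509V3Token10"))
        suite = ET.SubElement(ET.SubElement(binding, sp("AlgorithmSuite")), wsp("Policy"))
        ET.SubElement(suite, sp("TripleDesRsa15"))
        if model.get("timestamp"):
            ET.SubElement(binding, sp("IncludeTimestamp"))
    if model.get("sign_body"):  # sign the first child of the SOAP body
        ET.SubElement(ET.SubElement(alt, sp("SignedElements")), sp("XPath"),
                      {"xmlns:env": ENV}).text = BODY_XPATH
    if model.get("encrypt_body"):  # for non-repudiation, encrypt its content as well
        ET.SubElement(ET.SubElement(alt, sp("ContentEncryptedElements")), sp("XPath"),
                      {"xmlns:env": ENV}).text = BODY_XPATH
    return ET.tostring(policy, encoding="unicode")

def assertions(policy_xml):
    # local names of the WS-SecurityPolicy assertions in a generated policy, for checking it
    root = ET.fromstring(policy_xml)
    return sorted({el.tag.split("}")[1] for el in root.iter() if el.tag.startswith("{" + SP)})
```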

SLIDE 20

SECTET Methodology – SeAAS Reference Architecture

  • Features:
    - Dedicated shared services in a security domain
    - Decoupled from service endpoints
    - SeAAS security compositions engine
    - Out-of-band protocol execution
    - Message oriented integration with ESB
    - WS-based Standards
  • Benefits
    - Better performance
    - Easy deployment/management
    - Configurable security components
    - Security service composition
    - Loosely coupled components
    - Extendable architecture

[Figure: Service Endpoints exchange Request/Response messages over the Enterprise Service Bus (ESB) with the SeAAS Component, which consists of the SeAAS Engine, a Policy Repository and the Security Services. Primitive Security Services: Encryption Service, Authentication Service, Time Stamping Service, Signature Service. Further services: Authorization Service, Security Compliance Service, Logging Service, Non-Repudiation Service, Monitoring Service. Token Validation Request/Response messages flow between the engine and the services.]

SLIDE 21

Complex Security Services Executions

  • Security workflow for complex security service
  • Security WS interface for Inter-Domain interactions

[Figure: a Client Application (Radiography Specialist) sends a request for access to the EHR held by the Healthcare Services (Clinic) and receives a Grant/Deny Access response. Each side has its own SeAAS Component (Domain 1, Domain 2) with a SeAAS Engine and Authentication, Authorization, Logging, Monitoring, Non-repudiation, Security Compliance and Security Token Services; the two components talk through their Security WS Interfaces in an Out-of-band Authentication Process.]
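The engine-side execution sketched on this slide and the previous one, as an added example that is not SECTET code: a SeAAS engine reads a constructed policy repository and runs the configured chain of primitive security services on an EHR access request, denying at the first service that fails, so the service endpoint never has to enforce anything itself. Service, role and operation names come from the slides; the repository entries, the trusted issuer names and the request data are assumptions constructed for the example.

```python
import hashlib
import json

# Constructed policy repository: the chain of primitive security services the SeAAS engine runs
# for each protected operation of the MedicalSystem interface, and the roles allowed to call it.
# Service and role names follow the slides; the entries themselves are hypothetical.
POLICY_REPOSITORY = {
    "ViewPMR": {"composition": ["authentication", "authorization", "non_repudiation", "logging"],
                "allowed_roles": {"PrimaryPhysician", "RadiographySpecialist"}},
    "UpdatePMR": {"composition": ["authentication", "authorization", "logging"],
                  "allowed_roles": {"PrimaryPhysician"}},
}
# Security Token Services whose tokens this domain accepts (constructed names).
TRUSTED_ISSUERS = {"sts.clinic.example", "sts.radiology.example"}

class SeAASEngine:
    """Executes the configured security composition in front of the service endpoint."""
    def __init__(self, repository):
        self.repository = repository
        self.log = []       # output of the logging service
        self.evidence = []  # evidence store of the non-repudiation service

    # Primitive security services: each returns True to continue, False to deny the request.
    def authentication(self, req, _policy):
        token = req["token"]
        return token["issuer"] in TRUSTED_ISSUERS and token["subject"] == req["caller"]

    def authorization(self, req, policy):
        return req["token"]["role"] in policy["allowed_roles"]

    def non_repudiation(self, req, _policy):
        # Keeps a message digest as evidence of origin (a real service would have it countersigned).
        digest = hashlib.sha256(json.dumps(req["message"], sort_keys=True).encode()).hexdigest()
        self.evidence.append({"caller": req["caller"], "operation": req["operation"], "sha256": digest})
        return True

    def logging(self, req, _policy):
        self.log.append(f"GRANT {req['caller']} -> {req['operation']}")
        return True

    def handle(self, req):
        """Run the composition for req['operation']; only requests that pass reach the endpoint."""
        policy = self.repository[req["operation"]]
        executed = []
        for name in policy["composition"]:
            executed.append(name)
            if not getattr(self, name)(req, policy):
                self.log.append(f"DENY {req['caller']} -> {req['operation']} at {name}")
                return {"decision": "deny", "executed": executed}
        return {"decision": "grant", "executed": executed}
```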

SLIDE 22

SECTET Methodology – SeAAS Implementation

  • The delivery of security functionality over infrastructure components in a service oriented manner

SLIDE 23

SECTET – An Overview

Vision: "The systemic realization of security-critical inter-organizational cooperations based on generic, composable security services."

Components

  • An extensible domain specific language
  • A reference architecture based on Security As a Service (SeAAS)
  • A multi-level transformation framework for Model Driven Security

[Figure: the Model Driven Security Process leads from Platform Independent Models via Abstract Patterns and Specific Patterns to a Security Policy and on to Code Artefacts (Business Messages, Security Protocol Messages) running on the SeAAS Infrastructure]

SLIDE 24

Conclusion

  • Collaborative systems based on SOA are heterogeneous, agile and dynamically evolving
  • The best practice for SOA security is based on
    - Endpoint security
    - Traditional MDS approach to close the business-code gap, which is
      • Applied in one step
      • Inflexible and supports one security pattern
  • Proposed SECTET framework is based on two main concepts
    - SeAAS methodology for the design of the reference architecture (RA)
    - Enhanced MDS methodology for the configuration of security services

SLIDE 25

Future Work

  • Investigating further security services like security monitoring, identity management, and usage control
  • Developing the formal foundation of the refinement process and security composition
  • Deploying and testing an EHR system developed by our industrial partner, ITHicoserve

SLIDE 26

… Thank you for your attention!

  • www.sectissimo.info