Web services

Download Report

Transcript Web services

Overcoming the SOA Network Fallacy
Roberto Medrano
Executive Vice President
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
SOA Transcends the Network
•
If you listen to SOA advocates, you might get the idea that a Service-Oriented
Architecture transcends the network:
– Web services consumers and providers have a logical relationship to one another – to the
consumer, the Web Service is a URL, which could be anywhere, on any network segment
– One of the major advantages of SOA as an architectural paradigm is the concept of
“network transparency” – to work, an SOA does not need any specific network
configuration. The Web can be your new “corporate network”
•
In others, when you’re thinking SOA, forget the network. The network doesn’t
matter…
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 2
The SOA Network Fallacy
•
•
•
•
Don’t get lulled into a false sense of network irrelevancy
Based on the ideas of network transparency and the logical relationship between
consumer and provider, some people in the EA field (sometimes SOA Vendors)
conclude that the network does not matter in an SOA.
This is exactly wrong. We call this the “SOA Network Fallacy”
In an SOA, the network is perhaps more important than in any earlier EA
paradigm:
Web Services are network-based application components
Consumers
Providers
Discovery of Web Services through the network
UDDI/Registries are network-based
Movement of SOAP messages, and WSDL documents over the network
Security and governance for Web Services rely on network transports
Movement of SAML tokens, PKI, etc. across network
•
SOA relies on the network. Period.
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 3
Getting into it: SOA Deployments
Customers
Teleworkers
Road warriors
Distributed
Enterprise/Branch
SOA Consumers
Partners
Extended Enterprise
Converged IP
IPNetwork
Network
Campus
Data Centers
Private WAN or VPN
SOA Apps
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 4
General Security Characteristics of Web
Services and SOA
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
SOA security risks - Enterprise
•
•
Monolithic applications used perimeter security
Componentization (separating data, business logic and presentation layers)
increases the number of potential attack points
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 6
Security/compliance Related Characteristics of Web Services
•
Web services (often) use Web protocols. i.e. A Web service invocation is an RPC that
goes through Port 80
–
Security issues
•
•
•
•
Web services use XML, which is open and text-based
–
Security issues:
•
•
•
•
•
Eavesdropping
Lack of confidentiality
Malicious modification of messages in transit
Accidental or malicious disclosure of sensitive information
Web services are “machine to machine” i.e. The user (consumer) of Web service is
another application
–
Security Issues
•
•
•
Critical and/or confidential software functions may be exposed to unauthorized access
Existing perimeter controls may not be effective to prevent unauthorized access
Integrity/confidentiality of data exposed as Web services may be at risk
Access management
Identity management
Web services lead to new application structures and development processes
–
–
–
–
Composite applications
Service bus
Increased and faster-paced inter-company and inter-divisional development projects
Security issues:
•
•
March 28, 2017
SLDC and change management
Governance
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 7
More issues with Web Services and SOA security
•
Authentication
– Asserting and verifying the identity of all the parties involved
•
•
•
•
•
Original requester
Requesting application
Intermediary(s)
Service provider
Authorization
– Determining if the requesting party(s) is/are authorized to access the requested resource
(service/operation)
– Determining if the authorization is valid for this transaction (date/time, number of
requests, etc.)
•
Auditing
– Provide a record of who did what and when they did it
•
Privacy
– Ensure that messages are safe from eavesdropping
•
Non-repudiation
– Ensure that the senders cannot deny sending, and the receivers cannot deny receiving
messages
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 8
The Importance of SOA Infrastructure
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
SOA Infrastructure
SOA Infrastructure:
- The complete set of tools and processes to assure security, management, mediation, and
governance of Web services in an enterprise environment
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 10
SOA Infrastructure Reference Model
•
•
•
SOA Infrastructure provides core
infrastructure services to the SOA
and XML applications and messaging
layer
Service providers, consumers,
enterprise service bus platforms
along with other service proxies,
leverage these infrastructure
services either directly, or via
delegates and agents
Infrastructure services include:
–
Management Application
•
–
Security Service
•
–
UDDI services for core service
discovery
Metadata Repository
•
March 28, 2017
Implements standards like WS-Trust
and XACML as well as common PKI
features
Registry
•
–
Implements management standards
like WS-DM to provide central
performance and health monitoring
and reporting capabilities
Serves policies, WSDLs, Schema,
virtual service definitions and many
other key meta-data items
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 11
SOA Infrastructure Reference Model
• SOA Infrastructure as an
enabler of Risk Mitigation
Countermeasures
– Intermediaries between
Web service consumers
and providers
– Centralized repository of
policy meta data
– Dynamic definition,
implementation and
enforcement of policy for
consumers, providers,
and intermediaries
– Future-proofs SOA
against vulnerabilities
caused by changes as
services evolve through
the SDLC
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 12
Secure Services
•
Ensure the security of services
–
Authentication
•
•
•
•
•
–
–
–
–
•
March 28, 2017
SAML
Kerberos
X.509
Basic Auth
https
Authorization
Privacy (XML-Encryption)
Non-repudiation (XML-Signature)
Audit
Ensure that consumers can comply
with required security policies
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 13
Infrastructure Security Services
•
Security Token Server
– Authentication
– Token Exchange
• e.g. HTTP cookie for SAML assertion
– Federation Standards
• WS-Trust
• WS-Federation
•
Authorization Services
– Who can access which parts of a service
– XACML
– Delegate to existing access management solutions
•
•
•
•
•
SiteMinder
TAM
Oblix,
etc.
PKI Services
– Key pair generation
– Certificate Management
– Key distribution
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 14
Key Web Services security standards
•
•
•
•
•
•
•
WS-Security - security token enveloping
SAML - authentication (and authorization)
XML-Encryption (XML element privacy)
XML-DigitalSignature (XML element signing)
WS-Policy (asserting policies for services and operations)
WS-Trust (building trust relationships and executing trust transactions)
WS-Federation (formal federated identity services)
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 15
What is Security Policy?
•
Start with Registry
–
–
–
•
Add a repository
–
–
–
•
Change policy once affect many services
Central management of policy
At runtime providers and consumers can leverage
the policy management infrastructure
–
–
March 28, 2017
Store and manage metadata about the
services in the registry
Define and manage policies for security,
management, reliability, routing, etc.
Reference these policies in the service
entries
Repository objects can be shared by
multiple registry entries (services)
–
–
•
Service publishing
Service discovery
A system of record for information about
services
Agents discover and enforce policies
Delegates discover and implement policies to ensure
true loose-coupling
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 16
SOA Infrastructure Solutions
March 28, 2017
•
SOA Infrastructure includes Governance,
Management and Security linked together
through SOA Policy Management
•
Governance offers no value without a
runtime solution to enforce policies and
feed back metrics and compliance data
•
Runtime solutions (security and
management) offer minimal value without
central policy control and value-added
service governance capabilities
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 17
Standards-based Closed-loop SOA Infrastructure
•
Closed loop means:
–
–
–
–
•
Closed loop infrastructure enables demand
and Value Management
–
–
–
–
–
March 28, 2017
Defining and managing actionable policies in
a governance solution at design-time
Enforcing these policies via deep integration
with a management solution at run-time
Auditing that these policies are being
enforced
Using industry standards (WS-Policy, WSMEX) where appropriate for information
exchange
Collect performance, usage and exception
statistics at run-time
Track these statistics via the governance
solution
Use live, audited information to drive valuebased decisions about the effectiveness of
different services and organizations
Provide developers with up to the minute
information about a service in runtime to
inform their decisions about which services
to use
Manage supply and demand to ensure
maximum efficiency and benefit from SOA
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 18
SOA Infrastructure – Policy Management Use Cases
•
Plan, analyze, design, implement, test, change, and retire design and runtime
policies for services
– Define and manage validation and conformance policies for service design and
registration
– Define and manage security, routing, reliability, mediation, and other runtime policies
– NOTE: Without deep integration with an SOA management solution, these policies will be
informational only, and will not be enforced
– Define policies for services across all popular types of service containers including, Java
and .NET app servers, ESBs, Mainframe, and packaged applications
•
Ensure that policies are being effectively enforced with a comprehensive metric
collection model
– Capture performance and usage metrics according to policies
– Statistically and algorithmically capture comprehensive message data
– Track and manage security and other policy exceptions
•
Compare and reconcile collected metrics with policies for audit purposes
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 19
SOA Infrastructure – Security Use Cases
•
Enforce policies managed by a centralized governance solution
– Consistent policy enforcement for all popular service containers including, Java and .NET
app servers, ESBs, Mainframe, and packaged applications
– Enforce and mediate policies in the network
•
•
•
Ensure the end-to-end security (Au, Az, Privacy, Audit, Non-repudiation) of Web
services messages
Create, manage and distribute public/private key pairs through the SOA
Decouple the security model from the development process
– Allow developers to focus on their business logic and interfaces, allowing the
infrastructure to implement and enforce security, reliability, and messaging policies
•
Ensure the interoperability of Web services clients and service providers
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 20
Policy-based SOA Infrastructure
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 21
SOA and Impact on the Network
SOA
Applications
Requirements around
• Scalability
• Performance
• Security
• Load balancing & failover
• SOAP
• XML
• WS* etc.
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 22
SOA and the Network: Security
• Network related risks
– Access control risk
– Endpoint integrity risks
• App related risks
– Data integrity risks
• SOAP Messages modified in transit
• Data changed or deleted by unauthorized access to databases fronted by Web
Services (XML Injection)
– Data confidentiality risks
• Eavesdropping
• Improper access
– Data availability risks
• Denial of Service through XML exploits
• Endless strings, XML logic bombs
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 23
Load balancing and failover
•
Unpredictable load characteristics of SOA application traffic
– Server side load balancing
– Network scalability
•
•
•
SOA apps are 24*7
High availability of network infrastructure is a fundamental assumption
How do I ensure that my SOA apps are always available?
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 24
Scalability
•
•
•
SOA can dramatically increase volume of network traffic (peaks and valleys)
Packet sizes vary (small to large) – text based protocols
How can/should you optimally engineer the network without adding substantial
cost?
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 25
Real time responsiveness & performance
•
•
•
•
•
March 28, 2017
SOA apps are built with LAN like performance as an assumption
Composite apps – different modules from different systems working together to
deliver on business process – increase performance demands of the network
Delays and packet-loss can cause time-outs of SOA apps – poor end user
experience
Network managers need to support SLAs as SOA based apps get deployed
How to manage network performance without too much cost?
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 26
Checking in
•
Do you still think the network is irrelevant to SOA?
•
How can you develop an SOA solution approach that makes the network a strategic asset tha
innovates businesses and business processes
How can you deliver strategic and tactical business results should not require unreasonable
infrastructure trade-offs?
•
•
Best Practice: implement critical network elements with an SOA Governance
oriented approach
Think:
March 28, 2017
Business speed and responsiveness
Busines safety
Business flexibility
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 27
Solving the SOA Network Challenges
•
You can build network reliability and security into your SOA by merging best
practices of SOA Governance and infrastructure with a best of breed approach to
network infrastructure.
– SOA and Network Infrastructure working in harmony
• Use SOA Infrastructure management tools to estimate SOA load and harmonize/optimize consumer
and provider connections on the network
• Understand where mediation is necessary between incompatible links in the network that supports
your SOA
–
–
–
ESB mediation
Transport protocol transformation
Routing paths
• Provide for version control, failover, load balancing as an SOA management issue, and integrate
with underlying network infrastructure – you need both to succeed
– Selecting the right SOA infrastructure and network solutions
• Understand where you need an XML firewall
• Work with network solution provider to optimize network performance characteristics for SOA
• Work with network solution provider to resolve potential security issues at the network level
– Embedding Network aspects of the SOA into SOA Governance
• Web Service governance policy metadata can include network parameters
• Centralized SOA governance can provide SOA network management capabilities
• Work toward a “closed loop” of SOA Governance that enforces governance policies that are defined
at design time – in that way, there is reduced risk of lapses in governance policy enforcement for
Web services that are live on the network at runtime
March 28, 2017
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice.
Slide 28