Sunday, October 25, 2009

Overview of XML Security Trust and Threat models

Web Services allow machines to interact over a network via XML and SOAP messaging, and this has proven to be a valuable tool to both businesses and consumers. SOA Gateways, such as Forum Sentry, allows one to securely and efficiently process XML, SOAP and REST-based enabling a secure SOA deployment.

XML and Web Services Security can be categorized into Trust and Threat Models. The Threat Model helps identify both inbound and outbound threats and provide means of remediating such threats. Trust Models ensure that message privacy and integrity and retained while ensuring proper that appropriate authentication and authorization decision are made before letting messages traverse a corporate network.

Threats: Three major threats are Denial-of-service attacks (DoS), Viruses, and SQL injections:
  • DoS attacks prevent a user, or an organization, from accessing services of a resource that they would normally be able to gain entry to. Although this type of attack can cost time and money, usually there is no information loss involved.
  • A virus is a program, or a programming code, that replicates itself. Viruses are often found in email attachments, downloaded files, and on CDs. They may erase data or damage the hard drive. When a virus duplicates itself by resending itself as an attachment to an email or as a component of a network message, it is called a worm. There are three classes of viruses: file infectors, system or boot-record infectors, and macro viruses. File infectors attach themselves to program files and infect that program. System, or boot-record infectors, infect code on areas of a disk. Macro viruses are the most common, but they do the least amount of damage. Viruses can use Web services to enter corporate domains by going undetected through SOAP attachments (MIME or MTOM). Since such attachments are Base-64 encoded or maybe encrypted, traditions Anti-virus engines cannot match signatures to detect them
  • SQL injections are used to gain access to a database or retrieve information from a database. This access is unauthorized and programs and applications are at risk of being attacked. It is easy to defend programs and applications from SQL injections by using simple coding practices or by looking for malicious string patterns used for SQL injections.
Trust: Three major categories of trust are privacy, integrity, and identity:
  • When it comes to privacy, encryption protects personal information by encoding information. This has to be done so that only the person, or computer, with the private key can decode the information.
  • Integrity insures that no one tampers with information. Signatures and verification are both part of integrity. Signatures are strings of letters and numbers that represent a signature. The message is scrambled with mathmatical formulas or algorithms. A key is needed to validate the signature. Verification simply validates a users indeed signed a message with his private key.
  • Identity involves authentication, authorization, access control and tokens. Authentication verifies that information comes from a trusted source. One must know who created the information, as well as be sure that the information has not been modified since created. Authentication works closely with encryption to ensure that there is a secure environment. Authorization is simply controlling the access and rights to resources, including things such as services or files. Access control restricts what a user can do various resources. There are many types of tokens including SSL tokens, SAML tokens, and WS-Username tokens. Properly handing such Tokens both at the protocol and message level is crucial for establishing trust between business entities.
Both trust and threat must be addressed so ensure Web Service security. This is an essential component of information technology since a large amount of information is now located on the internet. Forum Systems has developed products that provide security in the Web Service environment.

For more information about trust and threat, see the whitepaper Solving The Trust & Threat Equation.