Docstoc

Secure Architecture Evaluation for Agent Based Web Service Discovery

Document Sample
Secure Architecture Evaluation for Agent Based Web Service Discovery Powered By Docstoc
					                                                                  ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010




    Secure Architecture Evaluation for Agent Based
               Web Service Discovery
                                       V. Prasath1, R.Baskarane2 and P.Savaridassan3
       1,2                      2
             Department of CSE, AssistantProfessor,1,2Christ College of Engineering and Technology,Puducherry,India.
                                 Email: 1prasathvijayan@gmail.com, 2baskarannew@gmail.com
                   3
                     Department of IT, 3Dr.SJS Pauls College of Engineering and Technology,Puducherry,India.
                                                 Email: 3savari.pecit@gmail.com

Abstract—Web Services can be published, discovered and                service provider and a service consumer. The WSDL
invoked over the web. Web Services can be implemented in              document of a web service would include a security policy
any available technology but they are accessible through a            description representing the types of security operations
standard protocol. With web services being accepted and               that are required and supported by the Web-service for its
deployed in both research and industrial areas, the security
related issues become important. In this paper, architecture
                                                                      SOAP message exchanges with consumers.
evaluated for web service on negotiating a mutually
acceptable security policy based on web service description                               II. SYSTEM OVERVIEW
language to both consumer and provider [1]. It allows a
service consumer to discover and retrieve a service-provider’s        A. Service Discovery
security policy for service requests and allows a service
                                                                         Web service discovery can be performed based on a
consumer to send its own security policy for service responses
to the service provider. The service consumer combines its            web service security policy using agents. It consists of a
own policy for service requests with that of the service              service provider, a service consumer and a UDDI to
provider to obtain the applied security policy for requests,          include a discovery agent and security agent and use an
which specifies the set of security operations that the               augmented UDDI that contains security policy information
consumer must perform on the request. The combining takes             to allow secure web service discovery (as shown in
place in such a way that the applied security policy is               Figure1). The discovery agent acts as a broker between a
consistent with both the consumer’s and provider’s security           service consumer, a UDDI registry and a security policy
policies. The service provider also combines its own policy for       that helps to discover secure web services that satisfy the
responses with that of the consumer, to obtain the applied
                                                                      consumer security requirements.
security policy for responses.
                                                                      B. Security Agent
Index Terms—Web Service discovery, Security Service,
Security policy, Agent, ATAM, Web Services Security
                                                                         The security agent describes the security requirement
                                                                      that service provider needs to be registering their WSDL
                        I. INTRODUCTION                               into the registry. Web service security test case describe a
                                                                      testing methodology for web service security and outline a
   Web services are reusable Web components with their                process that can be adopted to evaluate web service
programmatic interfaces described in WSDL.WSDL is a                   security requirements [8]. Test case can be classified
XML format standard for describing the interface of a web             according to different categories of threat faced by web
service. The WSDL description gives information about                 services. Security policy can be represented in the UDDI
what exactly a web service does, how to invoke its                    registry which is typically used to specify the security
functions and where to find it. Universal Description,                policy details of a web service.
Discovery, and Integration (UDDI) is a registry standard,
which allows organizations to publish and discover Web                C. Discovery Agent
Services using standardised methods [4]. The UDDI is an               A discovery agent receives service requests containing
industry initiative to provide a platform-independent                 specifications for functional and security requirements
framework for creating a UDDI Business Registry. There                from the service consumer, finds the services that meet the
are currently several providers of UDDI registers called
UDDI Operators. The UDDI specification defines a set of
data structures and an Application Programming Interface
(API) for registering and finding businesses [5]. The UDDI
specification also allows organizations to create their own
UDDI registries in order to have more control for the
access and the updating of information, and the reliability
of the registry content. We concentrate here on one key
issue, providing security in Web services architecture. In
this paper, we evaluated a technique for deriving mutually
acceptable quality of protection for exchanges between a                         Figure 1. Web service discovery using agents
                                                                  1
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43
                                                                           ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010



specified criteria, and then returns a list of services to the                          IV. EVALUATION OF PROPOSED ARCHITECTURE
consumer in the order of priority. Discovery should be
                                                                                 The proposed architecture is evaluated by the Software
based on web service security polices for concerned
                                                                               Architecture Tradeoff Analysis Method (ATAM).All the
request. The list of available services will be return to the
                                                                               scenarios corresponding to each application of the secure
service consumer in order. This avoids the overhead of
                                                                               web service discovery and retrieval are listed and
discovery mechanism to search secure web services over
                                                                               evaluated.
UDDI registry for consumers needs.
                                                                               A. ATAM: Secure Web Service Discovery
                       III. PROCESS MODEL                                         We put ATAM to the test on our architecture and discuss
   The model works with the exception that the containers                      the findings based on the outputs generated which include
hosting the consumer and provider classes emit a SOAP                          lists of risks, non-risks, sensitivities, and tradeoffs made.
message, which is intercepted by the security service. The                     The findings show that secure web service discovery and
consumer and provider classes could provide the <Security                      retrieval architecture can greatly benefit from using ATAM
Mechanisms> and <Security Services> elements to their                          by revealing its strengths and weaknesses before evolving
security services, in a WSS header, with the security                          the architecture further. It generates a number of outputs
service module identified as the target role. WSDL binding                     such as: a prioritised list of quality attributes, a list of
to support the publication of the security policy in the case                  architectural decisions made, a map linking architectural
that a provider offers a secured interface. Specifically,                      decisions to quality attributes, lists of risks and non-risks,
elements called <Security Mechanisms> and <Security                            and lists of sensitivities and tradeoffs.
Services> are associated with message definitions in the                       B. ATAM Process Phase 1
service’s WSDL instance. In addition, we specify a web
                                                                               Step 1 - Presenting the ATAM Process
service security header for conveying the consumer’s
policy for service responses using the same element                               ATAM stands for Architecture Tradeoff Analysis
definitions. The <Security Mechanisms> element describes                       Method. It is a method that tells how well an architecture
a set of security mechanism, which may be applied to one                       satisfies particular goals by providing insight of how
or more nodes of the SOAP document [1].                                        quality goals interact and how they trade off.
                                                                               Step 2 - Present Business Drivers
                                                                               •Due     to    the     increase   of     business-to-business
                                                                               communication between different organizations over
                                                                               internet resources, the current architecture will provide
                                                                               secure service connection establishment between service
                                                                               consumer and provider with added security policy.
                                                                               •Suggest the service provider to accept the service
                                                                               consumer requirements to add new security features to
                                                                               perform secure tasks.
                                                                               Architecture Drivers
                                                                                  The major quality attribute are as below
                                                                                Prio-      Quality Attribute                 Rationale
            Figure 2. Model for web service security policy
                                                                                 rity           Driver
  Input: User request with specified security criteria
                                                                                   1      Security             It is a major concern to this area of
  Output: Secure match set of services from UDDI
                                                                                                               the architecture because it should
  u(h): Select all the services which matches the functionality
                                                                                                               support authentication, encryption
  requirements of user request that exists in UDDI.
                                                                                                               and     integrity   over     different
   Let u(h)={ws1,ws2…..wsn}wss (h):
                                                                                                               communication       channel       and
  Choose the set of services which have been registered in UDDI with
                                                                                                               platform model.
  security specifications.
  Let wss(h)={ws1(s), ws2(s), ….wsi(s)}
                                                                                   3      Availability         The service should be in need to run
  Step 1 : For each web services wsi in u(h)
                                                                                                               at any time even system failure
  //find the services that match the QOS requirements                                                          occurs over UDDI registry or service
  Step 2: QoS based Selection=Qos_Match (u(h) , QWS Parameters);
                                                                                                               provider.
  Step 3 : If wss(h) requirements specified then
  Step4 :{Secuirty_Search=Security_Match                                           4      Performance          Continues user request will affect the
                    (QoS_Search,wss(h) specified);                                                             system response. we will establish
  Step5 : If wss(h) ratings found then                                                                         the user connection based on token
   //find the services that matches security criteria                                                          request.
  Step6 : return output of available services in wssi in u (h) according
  to criteria rank}
  Step7 :{Else return the output of available services wsi in u (h)}
                                                                               Step 3 - Presenting architecture

                 Figure 3. Service discovery algorithm




                                                                           2
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43
                                                                         ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010




                                                                                Scenario#: 2                         Scenario: Authentication
                                                                               Attribute(s)           Security
                                                                               Environment            Normal operations
                                                                               Stimulus               Service ticket has way to establish trust relationship
                                                                                                      with more than one security domain
                                                                               Response               utility certificate are required to verify the user
                                                                                                      authorization
                                                                               Arch decision          Reasoning
                                                                               Sensitivity            Utility certificate
                                                                               Tradeoff               More computation time and resource used,
                                                                                                      Performance, but not too much.
                                                                               Risk                   Provide certificate to user in more secret
                                                                               Non risk               Not apply here.
Step 4 - Identify Architecture Approaches
  Important Approaches of the Secure Web Service Discovery                       Scenario#: 3                      Scenario: Confidentiality
and Retrieval
                                                                               Attribute(s)           Security
                                                                               Environment            Normal operations
  Architectural                 Rationale                   Trade-offs
   Approach                                                                    Stimulus               Certificate authority has to provide security token
                                                                                                      to authenticate
Layering              It organizes the system in         Security
                      hierarchical structure that       potentially            Response               Intermediary has no way to read the message while
                      allows for easy system            reduced risk                                  establishing connection with service provider
                      modification.                                            Arch decision          Reasoning
                                                                               Sensitivity            The encryption algorithm.
Step 5 - Quality Attribute Utility Tree                                        Tradeoff               More computation time and resource used.
I=Importance, D=Difficulty to achieve, H, M, L = high, medium,                                        Performance is the tradeoff with Security.
low
                                                                               Risk                   Not apply to architecture, but the Encryption
 Quality             Attribute              Scenarios           (I, D)
                                                                                                      algorithm itself, if it is not complex enough, could
 Attribute          Refinement
                                                                                                      be hacked by brute force.
 Security         Confidentiality    Users' information         (H,L)
                                     shall only be visible                     Non risk               Not apply here.
                                     to users of the
                                     system and it is
                                                                                      Scenario#: 4                   Scenario: Non-reputation
                                     encrypted       before
                                                                                    Attribute(s)        Security
                                     transmitting to the
                                     server.                                        Environment         Normal operations
                  Integrity          The system resists         (H,M)               Stimulus            Utility has key certificate to form signed message
                                     unauthorized                                                       to verify the user
                                     intrusion          and                         Response            utility key certificate are required to verify the
                                     modification of data.                                              user sign information
                  Authentication     This enables the user      (H,M)               Arch decision       Reasoning
                                     to access the service                          Sensitivity         Utility key certificate
                                     with required token                            Tradeoff            Need signed key information for operation
                  Non-reputation     It verifies the signed     (H,M)                                   response
                                     information       from                         Risk                Provide certificate to user in more secret
                                     valid user                                     Non risk            Not apply here.


Step 6 - Architecture elicitation and analysis                               Step 7 - Scenario Prioritization
                                                                                The following table prioritizes the Quality Scenarios for
Scenario#:1                       Scenario: Integrity                        the secure web service discovery and retrieval architecture.
Attribute(s)       Security                                                  The Scenario # refers to the scenario being referenced.
Environment        Normal operations
                                                                              Prio-       Scenario          Scenario Stimulus             Prioritization
Stimulus           Unauthorized user without security token
                                                                              rity           #                                               Rationale
                   cannot able to access the service available in                1          3,2        Transmission of the data         It support user
                   the registry                                                          (Security)    over secure communication        data          from
Response           Identity Certificate are required to verify the                                                                      unauthorized
                   user authentication                                                                                                  access
Arch decision      Reasoning                                                    4          1,3,4       User information shall only      This is to build
Sensitivity        Identity certificate                                                  (Security)    be visible to administrative     users confident
                                                                                                       users of the system and it is    on using the
Tradeoff           Need resource to map data, Performance, but
                                                                                                       encrypted             before     system.
                   not too much.                                                                       transmission
Risk               Provide certificate to user in more secret
Non risk           Not apply here.



                                                                         3
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43
                                                              ACEEE Int. J. on Communication, Vol. 01, No. 03, Dec 2010



                    V. CONCLUSIONS                                [3] Janette Hicks, Madhusudhan Govindaraju, Weiyi Meng,
                                                                      “Enhancing Discovery of Web Services through Optimized
   Universal Description Discovery and Integration has no             Algorithms” IEEE International Conference on Granular
way to identify the secure web services when multiple                 Computing 2007 pp 685 - 698.
service providers are now providing similar functional            [4] Colin Atkinson, Philipp Bostan, Oliver Hummel and Dietmar
                                                                      Stoll, “A Practical Approach to Web Service Discovery and
services. An architecture evaluated called agent based web            Retrieval”,IEEE International Conference on Web Services
service discovery to automate secure web service discovery            (ICWS 2007).
for negotiating a mutually acceptable security policy based       [5] Slim Trabelsi Jean-Christphe Pazzaglia Yves Roudier,
on web service description language for both consumer and             “Secure Web Service discovery: overcoming challenges of
                                                                      ubiquitous computing”, Proceedings of the European
provider in dynamic nature.                                           Conference on Web Services (ECOWS'06).
                                                                  [6] David Geer, “Taking Steps to Secure Web Services”,
                       REFERENCES                                     Technology News October 2003.
[1] Zahid Ahmed, Martijn de Boer,, Monica Martin, Prateek         [7] “Evaluating a software architecture and its process”, CS471b
    Mishra, Dale Moberg, “Web-Services Security Quality of            Software Design and Architecture,Group14NZB electronic
    Protection”, Version 0.9 22 Nov 2002.                             banking system          April 8, 2005.
[2] Kassem Saleh and Maryam Habil, “The Security                  [8] “A Web Services Security Testing Framework” Version:
    Requirements Behavior Model for Trustworthy Software”,            1.00 SIFT Information security services,Nov 10, 2006.
    International MCETECH Conference on e-Technologies
    2008 pp 235 - 238.




                                                              4
© 2010 ACEEE
DOI: 01.IJCOM.01.03.43

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:18
posted:11/22/2012
language:
pages:4
Description: Web Services can be published, discovered and invoked over the web. Web Services can be implemented in any available technology but they are accessible through a standard protocol. With web services being accepted and deployed in both research and industrial areas, the security related issues become important. In this paper, architecture evaluated for web service on negotiating a mutually acceptable security policy based on web service description language to both consumer and provider [1]. It allows a service consumer to discover and retrieve a service-provider’s security policy for service requests and allows a service consumer to send its own security policy for service responses to the service provider. The service consumer combines its own policy for service requests with that of the service provider to obtain the applied security policy for requests, which specifies the set of security operations that the consumer must perform on the request. The combining takes place in such a way that the applied security policy is consistent with both the consumer’s and provider’s security policies. The service provider also combines its own policy for responses with that of the consumer, to obtain the applied security policy for responses.