Security and the Open Geospatial Security

Document Sample
Security and the Open Geospatial Security Powered By Docstoc
					        Security
         and the
Open Geospatial Consortium
          (OGC)



       CEOS/WGISS-27 Workshop
             11 Mai 2009
              Toulouse

             Andreas Matheus, Secure Dimensions GmbH
                andreas.matheus@secure-dimensions.de
                        Agenda
•   What do I mean by “Security”?
•   Typical Requirements and Standards
•   OGC’ Security and GeoRM Working Groups
•   OGC’ Interoperability Initiatives
•   Conclusion and upcoming activities




                                             Helping the World to Communicate
                                             Geographically
                  Context For This Talk
• Target to be “secured” is a Distributed System
  – for exchanging / processing of geospatial information
  – implemented by (but not limited to) OGC Web Services
• One mandatory and one optional Threat Model
  – Internet Threat Model
  – Browser (Client) Threat Model
• In this context, “Security” refers to
  – communication between entities
  – trust between entities / parties
  – protection of assets




                         Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                       Geographically
      Security – What Do I Mean By That?
• For “the system” itself:
  “secure systems will control, through use of specific
  security features, access to information such that only
  properly authorized individuals, or processes operating on
  their behalf, will have access to read, write, create, or
  delete information.” [TCSEC]*
• For a “distributed system”:
  the „distributed“ property is a characteristic of the system
  that shall not have any influence on the definition above.




                      Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                    Geographically
            Security Relies On Requirements

• Trusted Computer System Evaluation Criteria
  – Policy, Marking, Identification, Accountability, Assurance, Continuous
    Protection
  – Evaluation Classes: D (lowest), C, B, A (highest)
       • C: Discretionary Access Rights Management, Identity based AC
       • B: Mandatory Access Rights Management, Context based AC
• ISO 10181
   –   1: Overview                                          – 5: Confidentiality FW
   –   2: Authentication FW                                 – 6: Integrity FW
   –   3: Access Control FW                                 – 7: Security Audits and Alarms
   –   4: Non-Repudiation FW                                  FW




                            Security and the Open Geospatial Consortium    Helping the World to Communicate
                                                                           Geographically
OGC Sensor Web – A Trusted System?
                                 Register
                                                                                   CAT
Sensors SensorML
          Register

                                  SOS
           Task
                                                                         Search


                                                            GetResults            SOS
                                                                                  SAS
    Publish           SPS
                                              Task

  SAS             Alert

                          Notify         Bind
  Notify
                     WNS                      notification

                           Security and the Open Geospatial Consortium        Helping the World to Communicate
                                                                              Geographically
                The Interoperability Issue
• Exchanging and processing of geospatial Information in a
  federation requires interoperability on different levels:
  – Data Level Interoperability ensures the ability to “consume” the
    information
  – Service Level Interoperability ensures the ability to exchange /
    obtain the information to be “consumed”
  – Security Level Interoperability ensures the ability to the above in a
    reliable and trustworthy fashion
• Implementation of all levels can be done by using
  standards from the OGC and other bodies
• Establishing secure communication
  – Network level
  – Application level

                          Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                        Geographically
                   Security Standards
                                              WS-
Federation         WS-Federation
                                       SecureConversation                    Authentication

Licensing              REL                  ODRL                  XrML       This is an
Authorization                               XACML               GeoXACML     OGC Standard!
                                                                                  PKI
                                                                 WS-
Policy Layer        WS-Policy              WS-Trust
                                                             Authorization

Message Security                          WS-Security                          Kerberos

Web Services
                      WSDL                WS-Referral           WS-Routing
Standards
                                                                                 LDAP
                                            XML
                   XML Signature                                  SAML
                                          Encryption
XML Security
Standards                                                                        XCBF
                                   XKMS                 ebXML


Binding Layer                          HTTP / HTTPS


Network Layer          SSL                   TLS                  IPSec




                         Security and the Open Geospatial Consortium              Helping the World to Communicate
                                                                                  Geographically
  Security And The OGC – Working Groups
• GeoRM (Geo Rights Management) DWG – 2004
  – http://www.opengeospatial.org/projects/groups/geormwg
  – Geospatial Digital Rights Management Reference Model (Abstract
    Specification Topic 18)


• Security DWG – 2006
  – http://www.opengeospatial.org/projects/groups/securitywg
  – Forum for discussing related topics to authentication, access control
    and secure communication




                         Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                       Geographically
  Security And The OGC – Standardization
• GeoRM Common SWG – 2007
  – http://www.opengeospatial.org/projects/groups/georm1.0swg
  – „define the GeoRM Common Standard for the implementation of
    common aspects GeoDRM Reference Model“ [Charter]
• GeoXACML SWG (persistent)
  – Potential to be established 2009 (next TC meeting 06/09)
  – “purpose … is to develop an OGC Web Services Profile of
    GeoXACML” [Draft Charter]
  – “another purpose … is to coordinate OGC’s work on GeoXACML
    with the work of the OASIS XACML WG“ [Draft Charter]




                       Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                     Geographically
  Security And The OGC – OWS-3 Initiative
• Timeline 04 – 10/2005
• Dedicated Thread for GeoDRM
• “Click-through" licensed use of a
  – Web Map Service (WMS)
  – Web Feature Service (WFS)
  – Web Portrayal Service (cascade of a WMS and WFS)
• GeoDRM license model for different types of users
  – anonymous / registered user




                       Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                     Geographically
   Security And The OGC – OWS-3 Initiative

• “Click-Through” Licensing


                 Error: Please read/accept the disclaimer!


                       Read & Accept Disclaimer
                                                                        Service
                                    Request                            WMS / WFS

                            Result: Image / 27GML




                         Security and the Open Geospatial Consortium        Helping the World to Communicate
                                                                            Geographically
   Security And The OGC – OWS-3 Initiative

• WS-Security based implementation of secure
  communication and exchange of security context information
  – Confidentiality
  – Integrity
• WS-Security supports different Security Tokens
  –   Username Tokens (authentication by user/password)
  –   X.509 Tokens (authentication by certificate)
  –   SAML Tokens (exchange of user assertions)
  –   REL Tokens (exchange of license assertions)
  –   Kerberos Tokens (Microsoft authentication)




                          Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                        Geographically
  Security And The OGC – OWS-3 Initiative
• Interoperability Program Report (IPR)
  – OGC 05-111 (Fraunhofer): “Terms of Use (ToU) Service and Model”
• Implementation
  – “Click-Through” License for WMS and WFS (University of the
    Bundeswehr München)




                        Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                      Geographically
  Security And The OGC – OWS-4 Initiative
• Timeline 06 – 12/2006
• Dedicated Thread for GeoDRM
• Use of brokered / negotiated licenses for a
  – Web Feature Service (WFS)
• Two phase approach
  – I: Negotiation of a license (and the comprised rights)
  – II: Managing access to protected services based on the rights and
    conditions in the license




                        Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                      Geographically
    Security And The OGC – OWS-4 Initiative

• Scenario 1
  – Unrestricted User-License
• Scenario 2
  – Brokered-License
• Scenario 3
  – Negotiation of a User-License
• Scenario 4
  – Managing access to a
    WFS-T for
    feature
    updates




                           Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                         Geographically
Security And The OGC – OWS-4 Initiative
              <License>

                                                             Rights as
                                                           XACML Policy




 Authenticity by
 XML Signature


Structure of an OWS-4 License
                   Security and the Open Geospatial Consortium    Helping the World to Communicate
                                                                  Geographically
  Security And The OGC – OWS-4 Initiative
• Interoperability Program Reports
  – Engineering Viewpoint (con terra)
  – Trusted Geo Services (University of the Bundeswehr München)
  – Change Request OWS Common (Fraunhofer)
• Implementation (con terra)
  – Phase I: Negotiation of licenses
• Implementation (University of the Bundeswehr München)
  – Phase II: Licensed feature update using a WFS-T
• Online Demo
  – http://www.opengeospatial.org/pub/www/ows4/index.html




                         Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                       Geographically
  Security And The OGC – OWS-6 Initiative
• Timeline 10/2008 – 04/2009
• Security inside threads
  – Geo Processing Workflow (GPW)
    • Managed access to OWS and trusted communication between different
      security domains
    • XACML/GeoXACML based protection of a WMTS and WFS
  – Sensor Web Enablement (SWE)
    • How to secure a sensor network based on OGC Sensor Web Services?




                        Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                      Geographically
Security And The OGC – OWS-6 Initiative




             Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                           Geographically
 Security And The OGC – OWS-6 Initiative




Access Control in the Airport Emergency Response Scenario (source: 09-036)

                            Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                          Geographically
  Security And The OGC – OWS-6 Initiative
• Secure Sensor Web Engineering Report
  – Evaluate vulnerabilities, attacks and affects on assets for the Sensor
    Web Services specifications
     • Sensor Alert Service (SAS)
     • Sensor Observation Service (SOS)
     • Sensor Planning Service (SPS)
  – Assets are
     • Sensors, Production Data, Observations, Alerts
  – Provide recommendations how to prevent or mitigate the attacks




                          Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                        Geographically
   Security And The OGC – OWS-6 Initiative
• Interoperability Program Reports
  – OWS-6 Security ER (con terra)
  – OWS-6 GeoXACML ER (University of the Bundeswehr München)
  – OWS-6 Secure Sensor Web ER (AM Consult*)
• Implementation (con terra)
  – STS, PDP, PEP
• Implementation (AM Consult*)
  – GeoPDP
• Implementation (Geomatys)
  – WMS / WFS PEP


*: Secure Dimensions GmbH is the successor of AM Consult

                          Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                        Geographically
Security Standards – OGC experience
                                                WS-
  Federation         WS-Federation
                                         SecureConversation                    Authentication

  Licensing              REL                  ODRL                  XrML


  Authorization                               XACML               GeoXACML

                                                                                    PKI
                                                                   WS-
  Policy Layer        WS-Policy              WS-Trust
                                                               Authorization

  Message Security                          WS-Security                          Kerberos

  Web Services
                        WSDL                WS-Referral           WS-Routing
  Standards
                                                                                   LDAP
                                              XML
                     XML Signature                                  SAML
                                            Encryption
  XML Security
  Standards                                                                        XCBF
                                     XKMS                 ebXML


  Binding Layer                          HTTP / HTTPS


  Network Layer          SSL                   TLS                  IPSec




                           Security and the Open Geospatial Consortium              Helping the World to Communicate
                                                                                    Geographically
      Consensus On Security In The OGC
• Results from the OWS-3, OWS-4, OWS-6 Initiatives
  – Use SOAP based communication for service interface
  – Secure communication by leveraging WS-Security from OASIS
    • Includes use of XML DSig and XML Encryption by W3C
  – Access Control based on XACML / GeoXACML
• Items that require standardization/recommendation
  – Authentication
  – Bootstrapping for secured OGC Web Services
  – GeoXACML Profile for OGC Web Services




                        Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                      Geographically
            Potentially Future Work Items
• GeoXACML SWG
  – How to ensure 100% interoperability using GeoXACML to protect
    Geo Web Services (includes OGC Services)
  – Communicate with OASIS XACML WG to ensure that geo-specific
    use cases are included
• GeoRM Common SWG
  – How to transport a security context for licensed protection of OGC
    Web Services
• OWS-7: Proposal for a Security Thread
  – Implementation of Secure Sensor Web ER results for SPS
  – Evaluation / comparison of Authentication Mechanisms

 CEOS members – get involved in Security for OWS-7

                         Security and the Open Geospatial Consortium   Helping the World to Communicate
                                                                       Geographically
          Thank You For Your Attention

It is important,
      never to stop asking questions... [Albert Einstein]


Secure Dimensions GmbH – Holistic Geosecurity
Dr. Andreas Matheus

Kederbacherstraße 44
D-81377 München, Germany

Phone     +49 (0)89 71000667
Mobile    +49 (0)160 1066366
Telefax   +49 (0)89 71000668
Email     am@secure-dimensions.de
Web       www.secure-dimensions.de

                                                                     Helping the World to Communicate
                       Security and the Open Geospatial Consortium
                                                                     Geographically