Xem mẫu

SOA End to End Security Department of Computer Science Purdue University West Lafayette, Indiana Program Manager: Asher Sinclair, AFRL/RISE Award No. FA8750-10-2-0152 09/27/2011 1 People Involved In the Project • Two Faculty Members • Ten graduate students 2 Outlines • Security Challenges in SOA – Problem Overview • Project Summary • Prototype Development – System Architecture and Baseline Scenario • Use Case Scenario – Service Domain Internals and Implementation – SOA Authentication Scheme (CAC/IDM) – WS-* Standard Integration – Trust Broker Subsystem – Service Registry – Taint Analysis Subsystem • Transition to Cloud Computing • Demo/Evaluation of the Proposed Solution (Security and Performance) • Schedule and Timeline • Future Tasks • Discussion 3 • Appendixes (Publication) Security Challenges in SOA • Authentication and authorization may not take place across intended end points • Intermediate steps of service execution might expose messages to hostile threats • External services are not verified or validated dynamically (Uninformed selection of services by user) • User has no control on external service invocation within an orchestration or through a service in another service domain • Violations and malicious activities in a trusted service domain remain undetected 4 SOA End to End Security Architecture 5 ... - tailieumienphi.vn
nguon tai.lieu . vn