The document discusses various identity and security patterns for web services, including direct authentication, brokered authentication, data origin authentication, trusted subsystem, and message interceptor gateway patterns. It describes problems that each pattern addresses, such as unauthenticated access, delegating authentication to external users, message manipulation, controlling downstream access, and centralized security enforcement. Implementation examples including WS-Security, WS-Trust, and open standards are also provided.
35. Exception Shielding Pattern
Problem:
Exception data output by a service containing implementation details could compromise the security of the service.
36. Exception Shielding Pattern
Solution:
Potentially unsafe exception data is "sanitized" by replacing it with exception data that is safe by design before it is made available to consumers.
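A minimal sketch of the Exception Shielding pattern, added here as an illustration and not taken from the original slides. The names `shield`, `SafeFault` and `get_account`, the response shape, and the sample error text are all assumptions constructed for the example.

```python
import logging
import uuid

log = logging.getLogger("service")


class SafeFault(Exception):
    """Exception that is safe by design: fixed code and message, no internals."""
    def __init__(self, code, message, status=400):
        super().__init__(message)
        self.code, self.message, self.status = code, message, status


def shield(handler):
    """Wrap a service operation so only sanitized exception data reaches consumers."""
    def wrapper(request):
        try:
            return {"status": 200, "body": handler(request)}
        except SafeFault as fault:
            # Deliberately raised, consumer-facing fault: pass through unchanged.
            return {"status": fault.status,
                    "body": {"fault": fault.code, "message": fault.message}}
        except Exception:
            # Anything else may carry paths, queries, host names or stack frames.
            # Keep the detail in the server log, keyed by a correlation ID.
            incident = uuid.uuid4().hex
            log.exception("unhandled error, incident=%s", incident)
            return {"status": 500,
                    "body": {"fault": "InternalError",
                             "message": "The request could not be processed.",
                             "incident": incident}}
    return wrapper


@shield
def get_account(request):
    # Constructed sample operation with two failure modes.
    if "id" not in request:
        raise SafeFault("InvalidRequest", "Field 'id' is required.")
    # Simulated backend failure whose text leaks implementation details.
    raise RuntimeError("connect to db-internal-01:5432 failed for user svc_app "
                       "in /opt/app/dao/account.py")
```

The incident ID lets operators find the full stack trace in the server log without exposing it in the response.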
47. Brokered Authentication Pattern
Problem:
How to avoid anonymous users accessing a web service and give access to users outside our domain, where we don’t have the users’ credentials to validate?
48. Brokered Authentication Pattern
Solution:
Delegate authentication to a third party who knows how to validate user credentials; the service trusts the assertions provided by that particular third party.
50. How do we know the legitimacy of the third-party Security Token Service?
52. Data Origin Authentication Pattern
Problem:
How do we prevent an attacker from manipulating messages in transit between a client and a web service?
53. Data Origin Authentication Pattern
Solution:
Validate message integrity and non-repudiation with a message signature.
54. Our services access downstream resources with the authenticated user’s credentials
55. This could bring security risks – and make downstream resources vulnerable to attacks
59. Trusted Sub System Pattern
Problem:
A consumer that accesses backend resources of a service directly can compromise the integrity of the resources and can further lead to an undesirable form of implementation coupling.
60. Trusted Sub System Pattern
Solution:
The service is designed to use its own credentials for authentication and authorization with backend resources on behalf of the consumers.
64. Message Interceptor Gateway Pattern
Problem:
Different deployed services could have different security policies, and a security vulnerability in the weakest service could be exploited to create loopholes in the entire system.
65. Message Interceptor Gateway Pattern
Solution:
Provides a single entry point and allows centralization of security enforcement for incoming and outgoing messages.