RE: D-AG006 Security

Joseph,

Here are my comments. This is a great kickoff mail!

1. For the security terms, it would be useful to refer to
a glossary for a consistent, unambiguous definition of terms.
I propose we adopt RFC 2828 (http://www.ietf.org/rfc/rfc2828.txt) 
as our glossary. 

2. You have described the techniques one may use to secure
*any* web service usage scenario. It would be useful to see
whether there are categories of usage scenarios where some
specific combination of techniques will make sense.
For example, should accessing a "weather info service,"
be secured using authorization, authentication? Should the 
weather info be ensured to be authentic and unaltered?
Same questions for sending in a bill payment to a bank from
a customer. If there are many categories, then we may see
how to satisfy all of them in a generic way. Alternately,
we may suggest techniques that may be generically adopted.

3. It would be good to define the "end points" of whatever
scenarios we are securing. What are the boundaries of whatever
we are securing? Is it from a s/w client to the web service?
Or, is it from the human client to the web service provider?

Cheers,
-Suresh

-----Original Message-----
From: Joseph Hui [mailto:jhui@digisle.net]
Sent: Thursday, March 07, 2002 7:40 PM
To: www-ws-arch@w3.org
Subject: D-AG006 Security


Hi all,

As the volunteered "champion" (during today's telecon) for one of the
WSAWG goals, "AG006 -- addresses the security of web services across
distributed domains and platforms," I wish to solicit your interest
in starting and sustaining a "spirited" discussion on web services
security.  The primary objective (of the discussion) is to confirm
the stated goal by *rough* consensus, and refine it (the goal, not
the consensus ;-) if necessary.  The secondary objective is to
harvest the upshot of the discussion and turn it into something
we can use in the near term for identifying "Critical Success
Factors" -- whatever that may mean to you -- and requirements.
Hopefully, by being mindful of the objectives, we can keep this
thread reasonably focused.  However, please don't let the
objectives adversely constrain your will to express.  You're
welcome to disregard the objectives and throw in whatever you
see fit in the spirit of doing good for web services security.

To get the ball rolling, let me start with the goal statement itself:

   AG006 -- addresses the security of web services across
            distributed domains and platforms.

Q to all: Is the goal set to your satisfaction?  
          Too broad, too narrow, too ...?

Answers/comments?


To flesh out AG006 a bit more in terms of its implications,
we can give it another whack at what addressing the web 
services security (WSsec) should entail in the architecture 
(WS-Arch) to be designed.  Based on some previous discussions
fragmented across several threads in www-ws-arch@w3.org, an
assertion can be made that attaining goal AG006 entails 
addressing six security aspects in computing:
   1) Accessibility;
   2) Authentication (of ID and data/messages);
   3) Authorization;
   4) Confidentiality;
   5) (data) Integrity; and
   6) Non-repudiation.

Comments?  


Closely related to security is (the issue of) "trust."
We shall have a security framework alright. The question is:
should we include trust modeling as a part of the framework's
design, (e.g., what trust model(s) to recommend or adopt for web 
services,) thus trust is a part of AG006; or should we deem "trust"
outside the scope of AG006, thus we may need a separate goal?

Answers/comments?


Also, there was the mention of "privacy" in the charter, right
next to security.  Privacy can mean different things in
different contexts, ranging from preventing one's home address
disclosed to a web merchant from being sold to junkmailers to
keeping one's ID anonymous in transactions. 
I wasn't at the WS workshop last April, so have no clue
what that was about.  Can someone shed some light on what the
"privacy" is supposed to mean in our WS-Arch context, so we
can determine whether it will be appropriate to lump it into
AG006, or set a separate goal for it, or whatever?

Answers/comments?


Please chime in.

Thanks,

Joe Hui
Exodus, a Cable & Wireless service

Received on Friday, 8 March 2002 18:55:52 UTC