RE: D-AG006 Security from Krishna Sankar on 2002-03-09 (www-ws-arch@w3.org from March 2002)

From: Krishna Sankar <ksankar@cisco.com>
Date: Fri, 8 Mar 2002 18:01:19 -0800
To: <www-ws-arch@w3.org>
Message-ID: <002601c1c70e$4dcd6320$950d47ab@amer.cisco.com>
Hi,

 | 
 | 2. You have described the techniques one may use to secure
 | *any* web service usage scenario. It would be useful to see 
 | whether there are categories of usage scenarios where some 
 | specific combination of techniques will make sense. For 
 | example, should accessing a "weather info service," be 
 | secured using authorization, authentication? Should the 
 | weather info be ensured to be authentic and unaltered?
 | Same questions for sending in a bill payment to a bank from
 | a customer. If there are many categories, then we may see
 | how to satisfy all of them in a generic way. Alternately,
 | we may suggest techniques that may be generically adopted.
 | 
<KS>
	I do not think we should get into this. For example we could
describe security 1-10 or weak, medium or strong or ... Again the
relative strengths or other similar grading attributes are domain
specific i.e. a weak authC in one domain might be the strongest authC in
another domain.

	IMHO, we would define and identify the various mechanisms and
leave the interpretations to the domains/applications.
</KS>
 | 3. It would be good to define the "end points" of whatever 
 | scenarios we are securing. What are the boundaries of 
 | whatever we are securing? Is it from a s/w client to the web 
 | service? Or, is it from the human client to the web service provider?
 | 
<KS>
	Can you identify the set of actors ? This would help me in my
examples as well. As a starting point, we have web service, service
provider, s/w client, human client, service intermediary and service
aggregator.
</KS>
 | Cheers,
 | -Suresh
 | 
 | -----Original Message-----
 | From: Joseph Hui [mailto:jhui@digisle.net]
 | Sent: Thursday, March 07, 2002 7:40 PM
 | To: www-ws-arch@w3.org
 | Subject: D-AG006 Security
 | 
 | 
 | Hi all,
 | 
 | As the volunteered "champion" (during today's telecon) for 
 | one of the WSAWG goals, "AG006 -- addresses the security of 
 | web services across distributed domains and platforms," I 
 | wish to solicit your interest in starting and sustaining a 
 | "spirited" discussion on web services security.  The primary 
 | objective (of the discussion) is to confirm the stated goal 
 | by *rough* consensus, and refine it (the goal, not the 
 | consensus ;-) if necessary.  The secondary objective is to 
 | harvest the upshot of the discussion and turn it into 
 | something we can use in near term for identifying "Critical 
 | Success Factors" -- whatever that may mean to you -- and 
 | requirements. Hopefully, by being mindful of the objectives, 
 | we can keep this thread reasonably focused.  However, please 
 | don't let the objectives adversely constrain your will to 
 | express.  You're welcome to disregard the objectives and 
 | throw in whatever you see fit in the spirit of doing good 
 | for web services security.
 | 
 | To get the ball rolling, let me start with the goal statement itself:
 | 
 |    AG006 -- addresses the security of web services across
 |             distributed domains and platforms.
 | 
 | Q to all: Is the goal set to your satisfaction?  
 |           Too broad, too narrow, too ...?
 | 
 | Answers/comments?
 | 
 | 
 | To flesh out AG006 a bit more in terms of its implications,
 | we can give it another whack at what addressing the web 
 | services security (WSsec) should entail in the architecture 
 | WS-Arch) to be designed.  Based on some previous discussions 
 | fragmented across several threads in www-ws-arch@w3.org, an 
 | assertion can be made that attaining goal AG006 entails 
 | addressing six security aspects in computing:
 |    1) Accessibility;
 |    2) Authentication (of ID and data/messages);
 |    3) Authorization;
 |    4) Confidentiality;
 |    5) (data) Integrity; and
 |    6) Non-repudiation.
 | 
 | Comments?  
 | 
 | 
 | Closely related to security is (the issue of) "trust."
 | We shall have a security framework alright. The question is: 
 | should we include trust modeling as a part of the 
 | framework's design, (e.g.. what trust model(s) to recommend 
 | or adopt for web 
 | services,) thus trust is a part of AG006; or should we deem 
 | "trust" outside the scope of AG006, thus we may need a separate goal?
 | 
 | Answers/comments?
 | 
 | 
 | Also, there was the mention of "privacy" in the charter, 
 | right next to security.  Privacy can mean different things 
 | in different contexts, ranging from preventing one's home 
 | address disclosed to a web merchant from being sold to 
 | junkmailers to keeping one's ID anonymous in transactions. 
 | I wasn't at the WS workshop last April, so have no clue
 | what that was about.  Can someone shed some light on what 
 | the "privacy" is supposed to mean in our WS-Arch context, so 
 | we can determine whether it will be appropriate to lump it 
 | into AG006, or set a separate goal for it, or whatever?
 | 
 | Answers/comments?
 | 
 | 
 | Please chime in.
 | 
 | Thanks,
 | 
 | Joe Hui
 | Exodus, a Cable & Wireless service
 | 
 |
Received on Friday, 8 March 2002 21:01:49 UTC