==========================================================

Internet and Network Services Security: Architectures, Patterns, and Standards.

Prof. Eduardo B. Fernandez. Dept. of Computer Science and Eng. Florida Atlantic University. http://www.cse.fau.edu/~ed

Slides NEW! (24/07/03)
BASecCourse.zip

Tutorial level: Intermediate. Presentation in Spanish, slides in English.

Required background: Familiarity with basic concepts of object-oriented design and general principles of security.

Tutorial summary: This tutorial is based on portions of a graduate course taught by the author at Florida Atlantic University for the last several years. The tutorial is updated regularly. Parts or all of this material have been presented at INFORMS98 and 2000 (Boca Raton, FL), COMSAC98 (Vienna, Austria), IFIP World Congress98 (Vienna, Austria), 9th Int. Conference of the System Administration, Networking, and Security Institute, SANS2000 (Orlando, FL), SD (Software Development) 2000 East (Washington, DC), SD 2001 West (San Jose, CA), and Northeastern University, Qinhuangdao and Shenyang, China (July 2002), Qinghua University, Beijing, China (July 2002), Technical University of Munich, Germany (July 2002).

Tutorial description:

Internet-based systems provide a variety of ways to exchange information, contain large amounts and varieties of data, and provide an increasing number of useful functions. The emergence of web services has significantly increased the value of the Internet for businesses. On the other hand, the Internet has become quite complex, making it vulnerable to attacks. Many mechanisms and products are currently used to stop these attacks, but they are incomplete: each applies to only one type of attack and covers only one architectural level. Several mechanisms are needed for a comprehensive defense, but this creates the problem of their lack of coordination, which can be exploited for attacks.

We show how Internet and web services security are determined at their architectural levels (including storage and transmission) as well as at the underlying supporting levels (DBMS and OS). We pinpoint some serious flaws still extant. We show how the proliferation of standards for web services is decreasing rather than increasing their security.

Analysis and design patterns are well established as a convenient and reusable way to build object-oriented software. Patterns combine experience and good practices to develop basic models that can be used for a new design. The Internet in general, and web services in particular, are loosely coupled distributed systems, and the variety of patterns that has been developed for distributed and networked systems is applicable to their development. These patterns and security patterns can be combined to produce secure distributed systems architectures. We show several examples of this combination of patterns, including patterns for single-sign-on, role-based access control, and similar security architectures and mechanisms. The patterns are shown using UML models.

We apply these patterns through a web system architecture development method that coordinates different mechanisms based on a unified object-oriented modeling approach, a hierarchical architecture whose layers define the scope of each security mechanism, and the use of security patterns. First, the rights of the users are defined from extended Use Cases using a Role-Based Access Control (RBAC) model. These rights are then reflected in the conceptual class model. At the design stage we define additional security constraints that apply to distribution and concurrency aspects, as well as navigational user interfaces. At the implementation levels we select patterns, components, and languages to fill the needed functions. We use a catalog of security patterns that helps define the security mechanisms at each architectural level and at each development stage.

We end with an overview of current security issues and possible future developments.

Outline:

Introduction

Internet security issues---recent attacks, vulnerabilities, threats

Object-oriented design and patterns---need for good software engineering, analysis and design patterns

Security models and their patterns---policies, access matrix, multilevel models, RBAC

Defining authorizations from Use Cases---nonfunctional aspects of Use Cases, RBAC and security policies

Authorized conceptual model---use of authorization patterns to build secure web models

Secure system architectures---effect of distribution and user interfaces

Web application servers and components---mapping RBAC to components, J2EE and .NET

Standards for web services security---WS-Sec, SOAP security extensions, SAML, XACML

The supporting levels---administration products, cryptography, intrusion detection, firewalls, DBMSs, operating systems. Use of patterns at these levels.

Coordination across levels---mapping of authorizations across architectural levels

Conclusions---the future

Some relevant publications of the presenter:

E. B. Fernandez, M. M. Larrondo-Petrie, and E. Gudes, "A method-based authorization model for object-oriented databases", in Security for Object-Oriented Systems, Springer Verlag, London, 1994.

E. B. Fernandez, E. Gudes, and H. Song, "A model for evaluation and administration of security in object-oriented databases", IEEE Trans. on Knowledge and Database Eng., vol. 6, no. 2, April 1994, 275--292.

E. B. Fernandez and J. C. Hawkins, "Determining role rights from use cases", Procs. 2nd ACM Workshop on Role-Based Access Control, November 1997, 121-125.

E. B. Fernandez and K. R. Nair, "An abstract authorization system for the Internet", Procs. 9th Int. Workshop on Database and Expert Systems Applics. (DEXA '98), 310-315.

E.B.Fernandez, "Building systems using analysis patterns", Procs. 3rd Int. Software Architecture Workshop (ISA W3), ACM, November 1998, 37-40.

R.M.Santos, E.B.Fernandez, J.Santos, and M.Zambon, "Object-oriented analysis of real-time telemedical systems", Procs. of 5th Int. Conf. on Information Systs. Analysis and Synthesis (ISAS'99), vol. 2, 365-370.

E.B.Fernandez and X.H.Yuan, "An analysis pattern for reservation and use of entities", Procs. of Pattern Languages of Programs Conf (PLoP99), http://st-www.cs.uiuc.edu/~plop/plop99

M. Heuser and E.B.Fernandez, "RPC Client: A pattern for the client-side implementation of a pipelined request/response protocol", Procs. of PLoP99. http://st-www.cs.uiuc.edu/~plop/plop99

F.L. Brown and E.B. Fernandez, "The Authenticator pattern", Procs. of PLoP99. http://stwww.cs.uiuc.edu/~plop/plop99

A.Delarue and E.B. Fernandez, "Extension and Java implementation of the Reactor-Acceptor-Connector pattern combination", Procs. of PLoP99, http://st-www.cs.uiuc.edu/~plop/plop99/proceedings

E.B.Fernandez, "Coordination of security levels for Internet architectures", Procs. 10th Intl. Workshop on Database and Expert systems Applications, DEXA99, 837-841.

E.B.Fernandez, "Authorization rules as metalevel constructs", Procs. OOPSLA Workshop on Metadata and Dynamic Object-Model Pattern Mining, ACM 1999. http://www.joeyoder.com/Research/metadata/OOPSLA99/

E.B.Fernandez, J.Wu, and H.Qian, "A combined functional and object-oriented approach to software design", Int. Journal of Computers and Applications, vol. 22, No 2, 2000, 51-61.

E.B.Fernandez, "Stock manager: An analysis pattern for inventories", Procs. of PLoP 2000. http://jerry.cs.uiuc.edu/~plop/plop2k/proceedings/proceedings.html

E.B.Fernandez, X. Yuan, and S. Brey, "Analysis Patterns for the Order and Shipment of a product", Procs. of PLoP 2000. http://jerry.cs.uiuc.edu/~plop/plop2k/proceedings/proceedings.html

V. Hays, M. Loutrel, E.B. Fernandez, "The Object Filter and Access Control Framework", Procs. of PLoP 2000, http://jerry.cs.uiuc.edu/~plop/plop2k/proceedings/proceedings.html

E.B. Fernandez and X. Yuan, "Semantic Analysis Patterns", Procs. of 19th Int. Conf. on Conceptual Modeling, ER2000, 183-195. http://www.cse.fau.edu/~ed/SAPpaper2.pdf

E. B. Fernandez and R.Y. Pan, "A pattern language for security models", Procs. of PLoP 2001, http://jerry.cs.uiuc.edu/~plop/plop2001/accepted_submissions/accepted-papers.html

E.B.Fernandez, "An overview of Internet security", Procs. of the World's Internet & Electronic Cities Conference (WIECC 2001), May 1-3, 2001, Kish Island, Iran.

E.B.Fernandez, "Web services security", chapter in Web Services Business Strategies and Architectures, P. Fletcher and M. Waterhouse (Eds.), Expert Press, UK, 2002, 290-302.

E.B.Fernandez, "Patterns for operating systems access control", Procs. of PLoP 2002, http://jerry.cs.uiuc.edu/~plop/plop2002/proceedings.html

E.B.Fernandez, E.Gudes, and M. Olivier, Secure Software Systems, under contract with Addison-Wesley.

M.Schumacher, E.B.Fernandez, F. Buschmann, and D. Hybertson, Security Patterns, under contract with Wiley.

==========================================================