A security gateway for web service protocols

Author

  • Dong Huang
Abstract

The advent of Web Services and service-oriented architectures is fundamentally changing the way we build our internal systems and how internal and external systems interact with each other. To reduce the costs of software systems while at the same time increasing their capabilities, more and more companies and organisations are adapting their IT systems to Web Service technologies. One of the most important problems preventing the industry from producing and implementing a standards-based architecture is security. In response to security concerns, IBM and Microsoft have collaborated on a proposed Web Services security plan and roadmap for developing a set of Web Service Security specifications that address the problem of how to protect messages exchanged in a Web service environment. Standards organisations like OASIS and W3C have also proposed SAML[1] and XACML[2] to provide an XML schema for representing authorisation and entitlement policies and an XML-based framework for communicating user authentication, entitlement and attribute information. However, despite the fact that a lot of effort has been put into solving security concerns, it still cannot be said that Web service technology is secure enough. Huge gaps between business and IT, frequently changing organisation structures and flexible business processes and models give us new challenges for building a system with a scalable, flexible and easily manageable security framework. This research is mainly motivated by the following two facts in the real world.

  • Under Section 404 of Sarbanes-Oxley (SOX), public companies that have a market capitalisation of more than $75 million must attest to the effectiveness of internal controls and audit processes. One of the few aspects of SOX compliance that makes sense is the adoption of a proper access control method. Role-based access control (RBAC) is one such method. In a large organisation, the key question for the Security Manager is how to keep the RBAC policy consistent with respect to regulatory compliance and to reflect changes in the real world in the RBAC policy in time.

  • Adaptive Business Process is emerging from the fact that business applications are moving from standalone systems to service-oriented architectures, flexibly adapting to changing business needs and serving them optimally through building and dissolving task-driven virtual organisations. To enable secure execution of business processes, we first need a shared semantic framework. Utilising the same semantic framework enables various systems to understand each other. Particularly for process-level security requirements, the first step is to specify the constraints and capabilities in a commonly understandable way and with the same vocabulary.

This research envisions the delivery of innovative security solutions for the virtual, service-oriented and evolving enterprise, enabling secure execution of business processes and trusted collaboration between organisations. Furthermore, effective management of authorisation in these solutions requires: (1) the mapping of business-level policies into security policies; (2) enabling collaboration between independently administered domains and organisations. This thesis describes Gracia (security Gateway for Risk And Change Information mAnagement), a security gateway designed to address the authorisation needs of service-oriented enterprise computing. "Security gateway" is a term coined here to refer to a unified policy management framework for the specification of security policies, the integration of security-related knowledge, and the evaluation and enforcement of policy compliance.

Based on the concept of the Virtual Knowledge Community (VKC) and a generic abstraction for agent-based knowledge exchange (AOA), Gracia provides a generic platform for sharing and exchanging knowledge among different domains and organisations. At the heart of the Gracia framework is a language for the specification of security policies, the Gracia Policy Language (GPL), which shares its syntax and semantics with the Web Ontology Language (OWL)[3] and the Semantic Web Rule Language (SWRL)[4], together with an inference model for evaluating policies expressed in GPL. With the policy language and its inference model, Gracia is able to model policies that can express both business rules and constraints arising from regulatory compliance. The second half of the thesis describes the design and implementation of the Gracia framework for the standard web service platform. The goal of this work is twofold: firstly, to demonstrate the practical feasibility of Gracia, and secondly, to investigate the use of a policy-driven security gateway for enterprise systems. An important requirement in such systems is knowledge integration that allows stakeholders of business processes to share their knowledge and enables trust management during the knowledge sharing process. Addressing this requirement, a knowledge integration frame

[1] http://www.oasis-open.org/committees/security/
[2] http://www.oasis-open.org/committees/xacml/
[3] http://www.w3c.org/TR/owl-features
[4] http://www.w3.org/Submission/SWRL/


Similar sources

A Security Gateway for Message exchange in Services by Streaming and Validation

Cloud Computing is found to be today’s most commonly used Service Oriented Architecture (SOA) implementation. Cloud services are exposed as Web Services which follow the industry standards such as WSDL for service description, SOAP for enabling request and response and so on. Hence Web services security is of particular importance for the security assessment of cloud systems. Securing SOAP mess...


Integrated Transport Layer Security: End-to-End Security Model between WTLS and TLS

WAP is a set of protocols that optimizes standard TCP/IP/HTTP/HTML protocols, for use under the low bandwidth, high latency conditions often found in wireless networks. But, end-to-end security is not supported unless a WAP gateway is operated by the content provider. We propose ITLS mechanism to solve the WAP security problem. The goal of ITLS is to prohibit the WAP gateway from having the pla...


Protecting Web Services from DoS Attacks by SOAP Message Validation

Though Web Services become more and more popular, not only inside closed intranets but also for inter-enterprise communications, few efforts have been made so far to secure a Web Service’s availability. Existing security standards like e.g. WS-Security only address message integrity and confidentiality, and user authentication and authorization. In this article we present a system for protectin...


Policy-driven and Content-based Web Services Security Gateway

Web Services are widely used to provide services and exchange data among business units, customers, partners and suppliers for enterprises. Although Web Services significantly improve the interaction and development of processes in the business world, they raise several security concerns, since they greatly increase the exposure of critical enterprise data. Web Services exchange data using SOAP...


Iranian Gateway for Scientific, Research and Technological Information: A New Service for Iranian Researchers

Information Subject Gateways are providing access to the necessary quality controlled databases among the vast resources for users of the web and saving them from the confusion and perplexity among the sources on the web. The main objective of this research is creating Iranian Gateway for Scientific, Research, and Technological Information as a valuable source for use by academics and researche...


Publication date: 2007