Setting aside our present discussions on Web services for a moment, let's try to categorize all the generic security concerns in any enterprise-computing realm. Later, we will be able to discuss their relevance and importance in service-driven enterprise architectures.
Securing Access to Resources
Every application that services a client applicationbe it an enterprise data warehouse or a back office applicationcan be called as a resource. When a client makes a request to the resource to perform a specific operation, the resource needs to ensure that
The client has valid access to the resource (Authentication)
The client has valid privileges to perform the operation (Authorization)
Methodologies to Implement Authentication
Username and password: The most fundamental form of authentication that is widely adopted across all applications, including the Web.
Concept of secure ID: Usernames and passwords have the threat of being shared across several individuals. Hence, for restricted business applications, a secret PIN number is often associated with the username during authentication. This PIN number usually gets generated in a physically secure ID card, and keeps changing every minute or so. The user has to refer to the active PIN number in the card at any given point of time.
Methodologies to Implement Authorization
Access control lists: After the authentication is successful, we need to find out whether the requesting application has the necessary privileges to perform the requested operation. This is usually accomplished by referring to a table, called the access control list, which lists all the privileges against the given username.
Securing the Message (Data)
Confidential business data gets exchanged across the networkwithin and outside the enterprise system boundaries. It is important to ensure that:
Any unauthorized process that has access to the packets that travel across the network is not able to decipher the data exchanged (Confidentiality)
No modifications are made to the original message or data while it is traveling across the network (Integrity)
The sender application should not be able deny its role in sending the data at a later date (during disputes, for example). (Non-repudiation)
Methodologies to Implement Confidentiality
Encryption and cryptography: Cryptographic algorithms have played a pivotal role in driving secure messaging to new heights, and continue to inspire technologies, even today. The methodology involves converting data to meaningless chunk characters (encrypted data) using complex numeric transformations and secret keys, and deciphering the same at the receiver end using reverse algorithms.
Many cryptographic technologies and toolkits are available in the markets today. They help applications to encrypt/decrypt the data on either end, without bothering much about the nuisances of algorithms.
Methodologies to Implement Integrity and Non-repudiation
Digital signatures: Digital signatures are human signature's counterpart in the electronic world. Though they are built on the top of cryptography, they serve a slightly different purposeattesting the original source of the message (or data) as well as ensuring that the data has not been tampered with while in transit in the network.
The basic concept behind digital signatures is the ownership of secret keys: public keys (which are circulated to everyone) and private keys (which are held by specific systems).
Securing the Wire (Network)
Securing the network, which establishes the physical communication layer across the systems, involves setting up routers, firewalls, and sub-domains. Because these concepts are common to all enterprise systems and not very specific to Web services, I'll keep them beyond the scope of this series.
These concepts are illustrated in Figure 2.
Figure 2 Basic concepts of enterprise security.