
Web Service Security


DOCUMENT INFORMATION

Basic information

Format
Number of pages: 47
Size: 266.5 KB

Contents

Web Service Security: Theory and Practice
Andy Gordon (Microsoft Research)
Software and Web Engineering in the Microsoft .NET Environment
Microsoft Research Fourth Crash Course for Faculty and PhDs
Saint John's College, Cambridge, March 25–28, 2003

Slide 2: What's a Web Service?
- "A web service is a web site intended for use by computer programs instead of human beings." (Barclay et al, MSR-TR-2002-53)
- Internet examples: (bye bye, screen-scraping!)
  - http://www.google.com/apis/
  - http://terraserver.microsoft.net/TerraService.asmx
  - http://soap.amazon.com/onca/soap2
  - http://www.xmethods.net
- Within intranet: vendor-neutral middleware to interconnect existing systems
- Between intranets: inter-institution workflow (e-business, e-science); eg Globus OGSA based on WS

Slide 3: Example: A Google Client
- Create a local proxy class, instantiate, and invoke
- The proxy class GoogleSearchService is generated from a WSDL file, an XML-encoded service description

    GoogleSearchService s = new GoogleSearchService();
    foreach (string q in queries) {
        GoogleSearchResult r = s.doGoogleSearch(myKey, q);
        int estResults = r.estimatedTotalResultsCount;
        w.WriteLine("\t{0}\t{1}", q, estResults);
    }

Slide 4: Outline Architecture (diagram; only its labels survive)
- Client side, "My Desktop" (Windows): the proxy-class code above, implementation via proxy class and HTTP transport
- SOAP Request and SOAP Response: vendor-neutral XML-encoding over HTTP, across the Internet (TCP/IP)
- Server side, Google.com/apis (Unix/Linux?): implementation via WebService classes in a Web Server, [WebMethod] … doGoogleSearch(myKey, q) …, backed by the Google database

Slide 5: Web Services: What's New?
- Though their core is roughly SOAP-encoded RPC, what's new about web services is the combination of:
  - Vendor-neutral interoperability
  - Internet-scale
  - Toolsets for "mere mortals" (Barclay et al)
- Signs of fervour,
  - Wide support from commercial & OSS suppliers
  - Weekly news of progress at OASIS and W3C
- yet reasons for caution,
  - Cost of SOAP encoding?
  - Lack of SOAP security?

Slide 6: The 2002 Security Story
- The 2002 best practice was to build secure web services using an SSL (as in https) transport
- SSL encrypts all traffic between client and web server, so it is opaque to intermediaries:
  - Messages cannot be monitored by firewalls
  - Messages cannot be forwarded by routers
  - Messages are not encrypted in files or databases
- Moreover, SSL has scalability problems
- Party line: security within SOAP envelopes is better:
  - Avoids problems with SSL
  - Avoids dependency on HTTP transport
  - And is the subject of this talk…

Slide 7: Parts I-II: The Official Version
- Theory: IBM/MS/VeriSign/… WS specs
  - Security Roadmap, Apr 2002
  - WS-Security, Apr 2002
- Practice: MS WSE (Web Service Enhancements)
  - RTW Dec 2002, plugin for VS.NET
  - Product implementing WS-Security, WS-Routing, and DIME attachments
  - Signature, encryption based on passwords, certificates

Slide 8: Parts III-V: The Research Version
- Theory: MSRC/DePaul Cryptyc type system, etc
  - Tool for specifying/verifying crypto protocols, such as the broad family expressible with WS-Security
- Practice: MSRC DS V1 (Declarative Security V1)
  - ACM XML Security 2002 paper; MSR-TR-2002-108
  - Research prototype using VS.NET
  - Declarations for signature, encryption; formal model of programming abstraction, and verification of protocol

Part I: A Bottom-Up View of a WSE Message
To understand what WSE delivers, either you read the specs, docs, samples, etc; or you snoop at what's going on the wire… Fellow snoopers: Karthik Bhargavan and Cédric Fournet, MSRC

Slide 10: A Sample SOAP Request

    <soap:Envelope
        xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:xsd="http://www.w3.org/2001/XMLSchema">
      <soap:Body>
        <AddInt xmlns="http://microsoft.com/wse/samples/SumService">
          <a>20</a>
          <b>40</b>
        </AddInt>
      </soap:Body>
    </soap:Envelope>

- Says: "please compute 20+40"
- XML is not meant to be read by humans, so we'll omit namespace info, and trailing brackets…

[...]

(excerpt from Sample: Username Signing)

    ConfigureProxy(serviceProxy);

After the proxy constructs the SOAP message, the security filter will compute the signature:

    // Add the security token and request a signature
    UsernameToken token = new UsernameToken("adg", "OpenSesame", PasswordOption.SendHashed);
    requestContext.Security.Tokens.Add(token);
    requestContext.Security.Elements.Add(new Signature(token));
    // Call the service
    Console.WriteLine("Calling {0}", serviceProxy.Url);
    ...

[...]

... provisioning – see XKMS

Slide 22: Security Spec Overview
- Apr 02:
  - WS-Security: message integrity, confidentiality, authentication; security token attachment, both XML (SAML, XrML) and binary (Kerb, X509)
- Dec 02:
  - WS-Trust: request and issue security tokens, manage trust relationships
  - WS-SecureConversation: establish and share security contexts, derive session keys
  - WS-SecurityPolicy: security requirements ...

[...]

... University. An informal design, and (pre-WSE) implementation.

A Security Abstraction

    class BankingServiceClass {
        string callerid;
        [WebMethod] [SecurityLevel(Level=Auth)]
        public int Balance (int account)
        [WebMethod] [SecurityLevel(Level=AuthEnc)]
        public string Statement (int account)
    }

- Each web method has one of three security levels
  - None, Auth or AuthEnc
- Akin to SRC Secure Network Objects, for example ...

[...]

... reason is that WS-Security is a very flexible syntax for crypto protocols, which are infamously hard to get right
- Can we verify SOAP-level crypto protocols?
- Can we design re-usable abstractions?
- Can we make security requirements explicit?

Slide 24: Part III: A Web Service Security Abstraction
With Riccardo Pucella, Cornell University. An informal design, and (pre-WSE) implementation. A Security Abstraction ...

[...]

(excerpt from Sample: Username Signing, continued)

    ... serviceProxy.Url);
    int sum = serviceProxy.AddInt(a, b);

After the call, ResponseSoapContext describes the tokens and signatures on the response:

    // Success!
    string message = string.Format("{0} + {1} = {2}", a, b, sum);
    Console.WriteLine("Web Service called successfully: {0}", message);

Slide 19: Part II: The Standard Theory
An outline of the WS specification stack, implemented, in part, by WSE: http://msdn.microsoft.com/webservices/under...

Slide 20: A Signed Request (only the annotations survive)
- Signature value: vSB9JU/Wr8ykpAlaxCx2KdvjZcc=
- hmacsha1(key, Signature) where key=psha1(pw+nonce+time). Hence, the signature can prove this is a fresh message from adg

Sample: Username Signing

    // Create an instance of the Web service
    AddNumbers serviceProxy = new AddNumbers();
    SoapContext requestContext = serviceProxy.RequestSoapContext;
    ...

[...]

... input, output messages, and an action
- Binding: relates operation to transport protocol, e.g., SOAP over HTTP, HTTP GET, HTTP POST
- Service: set of ports, each a binding + address

Slide 21: WS-Security
- Goal: flexible, single message security syntax
- Requirements:
  - Multiple security tokens for authentication and authorization
  - Multiple trust domains, inter-institution workflow
  - Multiple crypto technologies ...

[...]

(annotations from an encrypted message sample; only the labels survive)
- http://microsoft.com/wse/samples/SumService/AddInt
- http://mydomain/symmetricencryption.asmx
- uuid:ced7a259…
- WS-Timestamp header
- WS-Security header
- 2003-03-13T18:24:43Z
- ReferenceList element: list of pointers to EncryptedData elements
- 2003-03-13T18:25:43Z
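The signed request on slide 20 is summarised as hmacsha1(key, Signature) with key=psha1(pw+nonce+time): the password never travels, the nonce and timestamp bind the key to one message, and a verifier holding the password can check freshness and origin. The following is an added Python example, not code from the talk or from WSE, that carries that scheme through on both sides. It assumes a TLS-style P_SHA1 expansion with the password as secret and nonce||created as seed, signs a constructed byte string of timestamp plus body rather than a real XML-DSig SignedInfo, and uses a constructed five-minute acceptance window and nonce cache for the replay check.

```python
import base64
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Constructed credential store for the sample service: username -> password.
PASSWORDS = {"adg": "OpenSesame"}

# Constructed, already-canonicalised SOAP body (the AddInt request from the
# sample). Real WS-Security signs a <SignedInfo> element carrying digests of
# the Body and Timestamp; signing the body bytes directly is a simplification.
BODY = (b'<AddInt xmlns="http://microsoft.com/wse/samples/SumService">'
        b'<a>20</a><b>40</b></AddInt>')

# Created value from the sample message and a constructed "now" seven seconds
# later, so the demo is deterministic.
SAMPLE_CREATED = "2003-03-13T18:24:43Z"
SAMPLE_NOW = datetime(2003, 3, 13, 18, 24, 50, tzinfo=timezone.utc)
FRESHNESS = timedelta(minutes=5)   # assumed acceptance window for Created


def p_sha1(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS-style P_SHA1 expansion (the PRF WS-SecureConversation also uses)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha1).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()  # next block
    return out[:length]


def derive_key(password: str, nonce: bytes, created: str) -> bytes:
    """key = psha1(pw + nonce + time): password as PRF secret, nonce||time as
    seed. Which input plays which role is an assumption about the slide."""
    return p_sha1(password.encode("utf-8"), nonce + created.encode("utf-8"), 20)


def signed_info(created: str, body: bytes) -> bytes:
    """Bytes covered by the MAC: timestamp and body, so neither can be altered
    or re-dated without invalidating the signature."""
    return b"Created:" + created.encode("utf-8") + b"|Body:" + body


def sign_request(username, password, body, created, nonce):
    """Client side: attach a UsernameToken (user, nonce, created) and an
    HMAC-SHA1 signature under the derived key. The password is never sent."""
    key = derive_key(password, nonce, created)
    mac = hmac.new(key, signed_info(created, body), hashlib.sha1).digest()
    return {
        "username": username,
        "nonce": base64.b64encode(nonce).decode("ascii"),
        "created": created,
        "body": body,
        "signature": base64.b64encode(mac).decode("ascii"),
    }


class Verifier:
    """Server side: re-derive the key from the stored password and the
    message's nonce/created, check freshness, and reject nonce replays."""

    def __init__(self, passwords, now):
        self.passwords = passwords
        self.now = now
        self.seen_nonces = set()

    def verify(self, msg) -> str:
        password = self.passwords.get(msg["username"])
        if password is None:
            return "unknown user"
        created = datetime.fromisoformat(msg["created"].replace("Z", "+00:00"))
        if abs(self.now - created) > FRESHNESS:
            return "stale timestamp"
        nonce = base64.b64decode(msg["nonce"])
        if nonce in self.seen_nonces:
            return "replayed nonce"
        key = derive_key(password, nonce, msg["created"])
        expected = hmac.new(key, signed_info(msg["created"], msg["body"]),
                            hashlib.sha1).digest()
        if not hmac.compare_digest(expected, base64.b64decode(msg["signature"])):
            return "bad signature"
        self.seen_nonces.add(nonce)   # record only after a valid signature
        return "ok"


def demo():
    """Honest request, then a replay, a tampered body, a wrong password and a
    stale timestamp; returns the five verdicts in order."""
    v = Verifier(PASSWORDS, SAMPLE_NOW)
    good = sign_request("adg", "OpenSesame", BODY, SAMPLE_CREATED, b"\x01" * 16)
    tampered = dict(sign_request("adg", "OpenSesame", BODY, SAMPLE_CREATED, b"\x02" * 16),
                    body=BODY.replace(b"<b>40</b>", b"<b>41</b>"))
    wrong_pw = sign_request("adg", "guess", BODY, SAMPLE_CREATED, b"\x03" * 16)
    stale = sign_request("adg", "OpenSesame", BODY, "2003-03-13T17:00:00Z", b"\x04" * 16)
    return [v.verify(good), v.verify(good), v.verify(tampered),
            v.verify(wrong_pw), v.verify(stale)]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The verifier checks the timestamp and nonce before doing any MAC work, and only records a nonce once the signature has verified, so unauthenticated traffic cannot fill the replay cache; hmac.compare_digest keeps the final comparison constant-time.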
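The security abstraction of Part III attaches one of three levels, None, Auth or AuthEnc, to each web method as a declaration, and the point of the declaration is that the runtime, not the method body, enforces it. The following is an added Python example, not the talk's C# prototype, that mirrors the [SecurityLevel(Level=...)] attribute with a decorator and shows a dispatcher applying it. It assumes a constructed account table, a constructed None-level Branches method alongside the slide's Balance and Statement, and that the security filter has already summarised the inbound message as "who signed it" and "was it encrypted".

```python
from enum import Enum


class Level(Enum):
    NONE = "None"        # anyone may call; plaintext request and reply
    AUTH = "Auth"        # request must carry a verified signature
    AUTHENC = "AuthEnc"  # signed and encrypted request; reply encrypted too


def security_level(level: Level):
    """Counterpart of [SecurityLevel(Level=...)]: records the requirement on
    the method object so the dispatcher can enforce and report it."""
    def decorate(method):
        method.security_level = level
        return method
    return decorate


# Constructed sample data: account number -> owner, balance, statement text.
ACCOUNTS = {
    1: {"owner": "adg", "balance": 120, "statement": "2003-03: 2 debits, 1 credit"},
    2: {"owner": "bob", "balance": 55, "statement": "2003-03: 1 debit"},
}


class BankingService:
    def __init__(self):
        self.callerid = None   # set by the dispatcher from the verified token

    @security_level(Level.NONE)
    def Branches(self):                    # constructed public method
        return ["Cambridge", "Redmond"]

    @security_level(Level.AUTH)
    def Balance(self, account: int) -> int:
        return self._owned(account)["balance"]

    @security_level(Level.AUTHENC)
    def Statement(self, account: int) -> str:
        return self._owned(account)["statement"]

    def _owned(self, account):
        """Authorisation inside the method uses callerid, which is only ever
        populated from an authenticated token."""
        acct = ACCOUNTS[account]
        if acct["owner"] != self.callerid:
            raise PermissionError("account not owned by caller")
        return acct


def requirements(service_cls):
    """Make the security requirements explicit: method name -> level."""
    return {name: attr.security_level.value
            for name, attr in vars(service_cls).items()
            if callable(attr) and hasattr(attr, "security_level")}


def dispatch(service, method_name, args, ctx):
    """ctx is what the security filter established about the inbound message:
    signed_by (None if unsigned) and encrypted (bool)."""
    method = getattr(service, method_name, None)
    if method is None or not hasattr(method, "security_level"):
        return {"error": "no such web method"}   # undeclared => not callable
    level = method.security_level
    if level in (Level.AUTH, Level.AUTHENC) and ctx.get("signed_by") is None:
        return {"error": "authentication required"}
    if level is Level.AUTHENC and not ctx.get("encrypted"):
        return {"error": "encryption required"}
    service.callerid = ctx.get("signed_by")
    try:
        result = method(*args)
    except PermissionError as exc:
        return {"error": str(exc)}
    # Replies to AuthEnc methods go back encrypted; the others in the clear.
    return {"result": result, "encrypt_response": level is Level.AUTHENC}


def demo():
    svc = BankingService()
    unsigned = {"signed_by": None, "encrypted": False}
    signed = {"signed_by": "adg", "encrypted": False}
    signed_enc = {"signed_by": "adg", "encrypted": True}
    return [
        dispatch(svc, "Branches", (), unsigned),       # None: allowed
        dispatch(svc, "Balance", (1,), unsigned),      # Auth: rejected
        dispatch(svc, "Balance", (1,), signed),        # Auth: ok
        dispatch(svc, "Balance", (2,), signed),        # not adg's account
        dispatch(svc, "Statement", (1,), signed),      # AuthEnc: needs encryption
        dispatch(svc, "Statement", (1,), signed_enc),  # AuthEnc: ok, reply encrypted
        dispatch(svc, "_owned", (1,), signed_enc),     # no declaration: not exposed
    ]


if __name__ == "__main__":
    print(requirements(BankingService))
    for outcome in demo():
        print(outcome)
```

Because the check lives in dispatch, a method cannot be reached at a weaker level than it declares, and requirements() gives the table a reviewer or a policy document (compare WS-SecurityPolicy on slide 22) would want to see.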

Posted: 08/07/2013, 01:27
