This article is a follow-up to a previous article by Alan Weissberger, available at www.gridtoday.com/04/1115/104245.html, or e-mailing [email protected] with “104245” in the subject line.
The WS-I Board of Directors has commenced review of the draft document, “Security Scenarios for WS-I Basic Security Profile.” This document was already approved by the WS-I BSP WG which requested Board level approval. The review closed at 5 p.m. PST on Dec. 10. During this review period, WS-I Members may provide any comments or objections to the material. The document will be considered for approval by the WS-I Board at a meeting scheduled to occur on Dec. 14.
Abstract
This document defines the requirements for and scope of the WS-I Basic Security Profile. The document is aimed at Web Services architects and developers who are examining the security aspects of the Web Services they are designing/developing.
This document:
- Identifies security challenges. These are general security goals or features that inform the selection of specific security requirements in scenarios.
- Identifies the typical threats that prevent accomplishment of each challenge.
- Identifies the typical countermeasures (technologies and protocols) used to mitigate each threat.
- Document potential usage scenarios and the security challenges and threats that might apply to each (derived from the templates found in the Supply Chain Management Use Cases and Scenarios documents).
- This document assumes that the reader has at least a basic background in security technologies such as SSL/TLS, XML encryption and digital signatures, and OASIS Web Services Security. It also assumes that the reader has a basic background in the message level technologies of SOAP.
About Alan J. Weissberger
As the founder and Technical Director of Data Communications Technology (DCT), a technical consulting firm started in March 1983, Alan J. Weissberger specializes in telecommunications standards and their implementation. His clients have included network providers (AT&T, NTT, Pacific Bell, US West, Entel and CTC in Chile, Telkom South Africa, Moroccan PTT, others), equipment and semiconductor manufacturers, and large end users. In 1995 and 1996 Alan was the principal architect for the European Commission's multi-service, multi-country ATM network — the largest private network in Europe (that network has now evolved into Gig Ethernet over CWDM). In 2000-01, he was Ciena's lead ITU-T delegate, contributing to the standardization of the optical control plane in SG13 and SG15. Alan now represents NEC Corp in several OASIS TCs dealing with Web Services, while also attending the Global Grid Forum and the Optical Internetworking Forum (OIF).
Weissberger can be reached via e-mail at [email protected] or [email protected]. To read his entire biography, please visit www.gridtoday.com/04/1011/bio.html, or e-mail [email protected] with “740119” in the subject line.