
SOW & WSE

SOW & WSE. Tsai, Meng-Ru Consultant Microsoft Technologies Centre Microsoft Taiwan Corp. Agenda. Service-Oriented Architecture Introduction Web Service Introduction and WSE. SOA. Service-Oriented Architecture


Presentation Transcript


  1. SOW & WSE Tsai, Meng-Ru Consultant Microsoft Technologies Centre Microsoft Taiwan Corp.

  2. Agenda • Service-Oriented Architecture Introduction • Web Service Introduction and WSE

  3. SOA • Service-Oriented Architecture • A set of components which can be invoked, and whose interface descriptions can be published and discovered (W3C). • Services can be invoked, published and discovered, and are abstracted away from the implementation using a single, standards-based form of interface. (CBDI)

  4. “Scales Away” spans organizations and geographies • “Scales Out” by adding machines • “Scales Up” on large systems • “Scales In” on a machine • “Scales Down” to devices • Services Everywhere

  5. Form-Factor Friendly • Doesn’t require centralized services • Unlocks rich client assets • Empowers users with high-end communications • Low-cost devices via the PC… • Flexible, end-to-end security • Dynamic protocol negotiation

  6. SOA: Business Process Centric!

  7. Evolution Phases

  8. How to approach SOA? • Be Incremental • Crawl, Walk, Run • Identify key services for building a connected system • Build Web service façades in front of them • Exploit the value of those services with Smart Clients and Business Processes • Evolve apps behind façade as necessary

  9. Agenda • Service-Oriented Architecture Introduction • Web Service Introduction and WSE

  10. Web Services • See What Web Services Can Do for You • Built on industry standards, Web Services provide a means for software to interoperate across programming languages, platforms and operating systems. • Loosely Coupled • Popular Communication • Generic Data Format • Classic Web Service limitations • No WS-* implementations • Lack of non-functional requirements of SOA (Security, Transaction, Large transmission data, Stateful Session, etc)

  11. Web Service Enhancements • WSE is an extension to the .NET Framework • Provides support for several WS-* specs • Can be used to extend ASMX behavior • Fully integrated with Visual Studio 2005 • Fully supported product with customer support

  12. Communication Security • Authentication • Message Integrity • Confidentiality

  13. Secure Communication: Protocol-level security • Sender must trust intermediaries • Message decrypted at intermediaries • Encrypts the entire message • Restricts protocols that can be used

  14. Secure Communication: Message-level security • End-to-end message security independent of transport • Supports multiple protocols and multiple encryption technologies • Can encrypt parts of the message • Sender need only trust ultimate receiver • The signature is stored with the data

  15. Turnkey Security Scenarios • Based on industry best practices • Each scenario represented as an assertion • UsernameOverX509 • AnonymousOverX509 • UsernameOverTransport • Kerberos • MutualX509

  16. Policy Pipeline Architecture • Policy assertions transform the message • Policy describes an input pipeline … and an output pipeline (Diagram labels: Input Soap Message; Custom, Tracing, Security; Application Processing; Output Soap Message; Custom, Security, Tracing)

  17. Security Simplify Reduction Client Server Message-Level Security for Large Amounts of Data Message Transmission Optimization Mechanism (MTOM)

  18. Sessions with Secure Conversation • Asymmetric keys (X509 Certificates) are slow for multiple messages • WS-SecureConversation defines a Security Context Token (SCT) • A messaging optimization • Faster for multiple calls (client makes > 2) (Diagram labels: Client; Server; Request for SCT; SCT issued to client; Multiple messages signed and encrypted with SCT)

  19. WSE 3.0 Session Management • Stateful SCTs • WSE 2.0 required the service to maintain an SCT’s state • In WSE 3.0 the state may be preserved with the SCT • Enables SCTs to re-establish the session • SCT Cancellation • In WSE 2.0 SCTs have a timeout • WSE 3.0 provides the ability to cancel a session

  20. Re-Establishing Sessions (Diagram labels: Client; Server; SCT State; Request for SCT; SCT issued to client; Session re-established; Client request; Multiple messages signed and encrypted with SCT)

  21. Which Specs? WS-*? W3C? • Reliable Messaging Specifications: WS-ReliableMessaging • Transaction Specifications: WS-Coordination; WS-AtomicTransaction; WS-BusinessActivity • Metadata Specifications: WSDL; UDDI; WS-Policy; WS-PolicyAssertions; WS-PolicyAttachment; WS-SecurityPolicy; WS-Discovery; WS-MetadataExchange • XML Specifications: XML; Namespaces in XML; XML Information Set • Business Process Specifications: BPEL4WS • Messaging Specifications: SOAP; WS-Addressing; MTOM (Attachments); WS-Eventing • Security Specifications: Web Services Security: SOAP Message Security; Web Services Security: UsernameToken Profile 1.0; Web Services Security: X.509 Certificate Token Profile; WS-Security; WS-SecureConversation; WS-Trust; WS-Federation; WS-Federation Active Requestor Profile; WS-Federation Passive Requestor Profile; Web Services Security Kerberos Binding • Specification Profiles: Devices Profile • Source: http://msdn.microsoft.com/webservices/understanding/specs/wslicensing.aspx
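
The message-level model from slide 14 (signature stored with the data, only parts of the message protected, sender trusts only the ultimate receiver), sketched as an added example that is not part of the original presentation and does not use the WSE API. HMAC-SHA256 over selected message parts stands in for a WS-Security XML signature; the key, field names and helper functions are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed key, assumed to be shared only by sender and ultimate receiver
# (a stand-in for the X.509 or Kerberos key material WS-Security would use).
END_TO_END_KEY = b"constructed-demo-key-not-a-real-secret"
SIGNED_PARTS = ("body", "message_id")  # parts covered by the signature


def _digest(envelope, key):
    # Canonicalise only the signed parts so unsigned headers may change in transit.
    covered = {part: envelope[part] for part in SIGNED_PARTS}
    data = json.dumps(covered, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def sign(envelope, key=END_TO_END_KEY):
    """Return a copy of the envelope with the signature stored alongside the data."""
    signed = dict(envelope)
    signed["signature"] = {"parts": list(SIGNED_PARTS), "value": _digest(envelope, key)}
    return signed


def verify(envelope, key=END_TO_END_KEY):
    """Ultimate receiver's check: signed parts must be present and unmodified."""
    sig = envelope.get("signature")
    if not sig or sig.get("parts") != list(SIGNED_PARTS):
        return False  # missing signature, or one that covers fewer parts
    if any(part not in envelope for part in SIGNED_PARTS):
        return False
    return hmac.compare_digest(str(sig.get("value", "")), _digest(envelope, key))


def relay(envelope, hop_name):
    """Intermediary that only appends itself to the unsigned routing header."""
    out = dict(envelope)
    out["via"] = envelope.get("via", []) + [hop_name]
    return out


def alter_body(envelope):
    """Intermediary that changes a signed part; the receiver must detect this."""
    out = dict(envelope)
    out["body"] = {**envelope["body"], "amount": 9999}
    return out


def demo():
    msg = sign({"message_id": "m-001", "via": [], "body": {"op": "transfer", "amount": 10}})
    relayed = relay(relay(msg, "gateway-a"), "gateway-b")
    return verify(relayed), verify(alter_body(relayed))
```

The routing header changes at every hop without invalidating the signature, while any change to the signed body is rejected by the receiver regardless of which transports carried the message.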
