Web Services Security Tasks
- J.D. Meier, Prashant Bansode, Paul Enfield
Task lists are a compilation of expected activities of customers with this technology. We attempt to determine the areas that will likely need the most guidance and prioritize them here.
- Auditing and logging
- Message and Data Validation
- Deployment Considerations
- Exception Management
- Message Protection
- Message Replay Detection
- Sensitive Data
- Session Management
Auditing and logging
- How to identify the sink for logging and auditing.
- How to identify the operations and events to be logged.
- How to log authentication and authorization events.
- How to secure the log files / store.
- How to archive log information.
- How to handle log failures.
- How to avoid storing sensitive information in log files.
- How to use Windows authentication in a web service.
- How to use username/password authentication in a web service.
- How to use certificate authentication in a web service.
- How to manage user accounts securely.
- How to use WS-Security with SOAP messages.
- How to use secure sessions.
- How to identify trust boundaries within the web service layers for authorization.
- How to decide the granularity of authorization settings.
- How to choose an authorization strategy for your web service.
- How to use resource authorization.
- How to use roles authorization.
- How to decide on the communication protocol for the web service.
- How to reliably handle unreliable or intermittent communication.
- How to use dynamic URL behavior with configured endpoints for maximum flexibility.
- How to validate endpoint addresses in messages etc.
- How to handle asynchronous calls etc.
- How to decide message communication patterns like one-way or two-way etc.
Message and Data Validation
- How to identify trust boundaries within Web service layers for message and data validation.
- How to design your validation strategy to constrain, reject, and sanitize malicious input.
- How to efficiently and securely validate input data.
- How to validate all messages received by the service interface.
- How to handle data and message validation failures.
- How to use a least-privilege account for running the service.
- How to use certificates to enable secure communication using SSL.
- How to handle encryption keys securely in production.
- How to secure configuration sections containing sensitive data.
- How to choose an exception management strategy.
- How to scrub exception messages for secure exception handling.
- How to deal with sensitive information when handling the exception.
- How to deal with unhandled exceptions.
- How to use SOAP Fault elements or custom extensions to return exception details to the caller.
- How to design fault contracts to allow services to declare known faults for each operation.
- How to choose between message security and transport security.
- How to use message security.
- How to sign and encrypt part of the message.
- How to avoid tampering with messages and parameters.
Message Replay Detection
- How to detect message replay.
- How to handle message replay.
- How to protect message confidentiality and integrity.
- How to design a service to protect parts of the message with partial encryption.
- How to secure metadata in an endpoint to be consumed by service clients.
- How to use transport security.
- How to configure message throttling to avoid denial of service attacks.
- How to design services per session mode.
- How to configure memory limits to avoid denial of service attacks.
- How to configure a service for reliable messaging with reliable session and ordering of messages.
- How to implement structured exception handling and state management to avoid state corruption.