Web Services Security
1   SensorWeb Requirements	
    Pat Cappelaere
    NASA EO-1 Team
2   Definitions
      Web Service:
       From Wikipedia, the free encyclopedia
         It is defined by the W3C as "a software system designed to support
         interoperable machine-to-machine interaction over a network".
         It communicates over the HTTP protocol used on the Web. Such services tend
         to fall into one of two camps: SOAP/WSDL and RESTful Web Services.
         Both need to be supported [But our preference is for RESTful Web Services to
         reduce cost of implementations/operations]
3   Major Requirement
    The RESTFul Way
4   Scope
     Web Services Need To Be Accessible From An Open Network BUT Are Not
     (necessarily) On The NASA Network
     They Are Used To Access Data And/or Assets In A Bi-directional Manner
     They May Need To Communicate With Many Communities On A Permanent
     Or Temporary Basis (Disaster Management)
     Some Data To Be Exchanged May Be:
      Mostly Public

      Some Data May Be For Restricted Dissemination For Some Time Period (60 days)
      TBD License Agreements
5   Outside Of Scope
 Direct Access To NASA Satellite Assets Or Sensitive Data
6   User Scope: Web 2.0
     Web Security Protocol Needs To Be Easy To Implement (Many Users Will
     Have Low-IT Capabilities)
      Target: Web 2.0 Mass Market Accessible
      Implementable in Less Than Half a Day By Neo-Geographer

     Leverage Existing Web 2.0 Standards As Possible To Lower Cost And Speed
     Up Acceptance
7   SensorWeb Collaboration Challenge
     [Diagram labels: SERVIR/CATHALAC, Red Cross, NGIT, USGS, IKHANA, MODIS, NASA, DOD, SPOT, GMU, JPL, AFRICOM, GEOSS, RCMRD, NOAA, CA Firefighters]
     [Legend: Hubs, Users, Services, Sensors]
8   Federated Approach
     Trust Relationships Between Communities Can Be
      Permanent
      Temporary (Under Admin Control)

     [Permission Policies May Need To Be Exchanged Across Domains]
     Local Trust Relationship Must Be Easily Discoverable By Local Service
     Providers
9   Federated Management
     Each Community Needs to Manage its Users and Services In a Satisfactory
     Manner (But Not Necessarily Identical)
      Provide a Recognizable Handle for a User or a Service (passport-like, openid...)
      Provide An Accessible Profile for User/Service Attributes
        Some attributes may be read-write
        User Privacy Issue? User Consent May Be Required To Release Info
10   User Profile
       Standard Organizational Profile
        Example: http://www.axschema.org/types/

       Plus:
        One or More Notification URI (SMS, XMPP...)
        Roles/Permissions Granted By Organization



       Some User Profile Attributes May Need To Be Writeable By Outside Services
        DRM/License Agreements...
11   Service Profile
       Name / Description...
       Main URL Web Page End Point
       RSA Public Key
12   Secure Transactions
      Data Providers Need To Make Sure That:
       Message Transaction Has Not Been Tampered With
       Message Has Not Been Played Back
       Message Is In The Clear
       Message Comes From Valid Service Consumer
       Message Comes From Valid User

       User Has Proper Permission To Access Specified Security Realm
       User Has Delegated Authority To Consumer (Confirmation May be Necessary)
       User Has Agreed To Access/License Agreement
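
The checks on this slide, sketched as provider-side code (an added example, not part of the original deck). HMAC-SHA256 from the standard library stands in for a signature verified against the consumer's RSA public key from the Service Profile; the registries, field names, identifiers and the 300-second freshness window are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import time

MAX_SKEW_SECONDS = 300  # assumed freshness window, not a value from the deck
FIELDS = ("consumer", "user", "realm", "timestamp", "nonce", "body")

# Constructed registries. In the deck's model the key would be the RSA public
# key published in the Service Profile; a shared secret is used here instead.
CONSUMER_KEYS = {"frdo-workflow": b"constructed-demo-secret"}
USER_REALMS = {"andy": {"plume-model"}}           # roles/permissions per user
DELEGATIONS = {("andy", "frdo-workflow")}         # user -> consumer grants
LICENSE_ACCEPTED = {("andy", "plume-model")}      # user agreed to the license


def canonical(msg):
    """Length-prefix every signed field so no value can bleed into the next."""
    parts = []
    for name in FIELDS:
        value = str(msg[name])
        parts.append(f"{name}:{len(value)}:{value};")
    return "".join(parts).encode()


def sign(msg, key):
    """Consumer side: MAC over the canonical form of the message."""
    return hmac.new(key, canonical(msg), hashlib.sha256).hexdigest()


class Provider:
    """Data-provider side: runs the slide's checks in order, fails closed."""

    def __init__(self):
        self.seen = {}  # (consumer, nonce) -> message timestamp

    def check(self, msg, signature, now=None):
        now = time.time() if now is None else now
        if any(name not in msg for name in FIELDS):
            return "malformed message"

        # Message comes from a valid service consumer.
        key = CONSUMER_KEYS.get(msg["consumer"])
        if key is None:
            return "unknown consumer"

        # Message has not been tampered with (constant-time comparison).
        expected = sign(msg, key).encode()
        if not hmac.compare_digest(expected, str(signature).encode()):
            return "bad signature"

        # Message has not been played back: fresh timestamp plus unseen nonce.
        try:
            ts = float(msg["timestamp"])
        except (TypeError, ValueError):
            return "bad timestamp"
        if abs(now - ts) > MAX_SKEW_SECONDS:
            return "stale timestamp"
        # Entries older than the window can never be replayed, so drop them.
        self.seen = {k: t for k, t in self.seen.items()
                     if now - t <= MAX_SKEW_SECONDS}
        nonce_key = (msg["consumer"], msg["nonce"])
        if nonce_key in self.seen:
            return "replayed"
        self.seen[nonce_key] = ts

        # Message comes from a valid user with permission on the realm.
        user, realm = msg["user"], msg["realm"]
        if user not in USER_REALMS:
            return "unknown user"
        if realm not in USER_REALMS[user]:
            return "no permission for realm"

        # User has delegated authority to this consumer.
        if (user, msg["consumer"]) not in DELEGATIONS:
            return "no delegation"

        # User has agreed to the access/license agreement.
        if (user, realm) not in LICENSE_ACCEPTED:
            return "license not accepted"
        return "ok"


if __name__ == "__main__":
    provider = Provider()
    request = {"consumer": "frdo-workflow", "user": "andy",
               "realm": "plume-model", "timestamp": 1000,
               "nonce": "n-1", "body": "GET /wps/plume"}  # constructed sample
    sig = sign(request, CONSUMER_KEYS["frdo-workflow"])
    print(provider.check(request, sig, now=1010))
    print(provider.check(request, sig, now=1020))
```

The nonce is recorded only after the signature and timestamp pass, so unauthenticated traffic cannot fill the replay cache.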
13   Problems
      1: User SSO
      2: Secure Transactions
      3: Delegation
      [Diagram labels: First Responder: Andy, First Responder Dispatch Office (FRDO), Orchestrating Workflow, Consumer, NOAA, NGIT, GFS Model Weather, WPS (Plume), SPS, WPS, SOS, Firewall, NASA]
14   User Security Management
      User Needs To Have One Place To Go To:
       Manage Authorized Sites
       Manage Grants
       Access/Manage Profile Access (Some of the Attributes Only)
       Access/Manage Services
15   Max Degree Of Separation
      Two Degrees
THANK YOU
     Pat G. Cappelaere


     Contact Information:

     =cappelaere
     http://blog.geobliki.com

     Cell:410-340-4868
     pat@cappelaere.com




16
