Which security strategy may work for my scenario?

I need to settle on a strategy for securing (with message encryption and authentication) a service and I’d like to throw up the scenario and find out what recommendations come back from the community. The scenario is as follows:

  1. I have a WinForms “Smart Client” application that consumes a WCF Service that is hosted in IIS.
  2. The client app only talks to the service (i.e. consumes no other services) and the service only exists to be consumed by the client app, and probably an ASP.Net app in the near future, but that doesn’t exist yet.
  3. The Server that hosts the service is in a co-located hosting facility. Most of the time the client and the service will exist on the same VLAN; however, some users will run the client from home or from a remote office that will not be on a VLAN, so they will be accessing the service over the web (without a VPN).
  4. Performance is important, but security of the data in the messages being sent over the wire is more important.
  5. The Server that is hosting the service is not currently in a domain that is trusted by the domain that the users belong to, but that could be changed if necessary.
  6. Certificate Server is not currently set up, but that could be introduced if necessary.
  7. I’d like to avoid installing certs on every client (mostly because I don’t know how to do this).
  8. I’d like to authenticate users and derive user roles against a database.

So, given the above scenario, my first thought is to implement username token over X.509 transport. What other strategy should I consider given the scenario above?

Thanks,

Greg


  • FrancoJS

    Hi Greg,

    I think the UsernameToken over X509 is ok, but you can also consider Username over Transport security (it uses HTTPS to secure the channel).

    For the first approach, UsernameOverX509, you should enable the service certificate negotiation in order to avoid installing the service certificate in the client application.

    This article in the MSDN describes very well the differences between using a transport security approach and a message security approach:

    http://msdn.microsoft.com/practices/default.aspx pull=/library/en-us/dnpag2/html/wss_ch3_intro.asp

    Regards,

    Pablo.



  • Question One

    Thanks Pablo, I think using Username over SSL is a great idea. Please correct me if I'm wrong, but it seems to me that there are no default bindings that support Username over SSL, so I assume that I'd have to configure a custom binding.



  • A911Pro

    You could use TransportWithMessageCredential. I think this would work for you.

    using System.ServiceModel;

    // Standard WSHttpBinding: TLS (HTTPS) protects the channel, the UserName token rides inside the message.
    WSHttpBinding binding = new WSHttpBinding();
    binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
    binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

    Thanks!

    Scott
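The following is an added example, not code from this thread or from Microsoft, that puts Pablo's "Username over Transport" suggestion and Scott's TransportWithMessageCredential binding together with the database-backed username and role check Greg asked for in point 8. The contract IReportService, the host name svc.example.test, the in-memory UserStore, and the user "greg" with a constructed password are all assumptions made for the demo; a real deployment would query the users table instead of UserStore, and under IIS the binding and validator settings would live in web.config rather than in a self-hosting Main.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.Security.Permissions;
using System.Security.Principal;
using System.ServiceModel;
using System.ServiceModel.Security;

// Hypothetical contract standing in for Greg's real service.
[ServiceContract]
public interface IReportService { [OperationContract] string GetReport(int id); }

public class ReportService : IReportService
{
    // Enforced by WCF against the principal that DbRolePolicy attaches below.
    [PrincipalPermission(SecurityAction.Demand, Role = "Analyst")]
    public string GetReport(int id)
    {
        return "report " + id + " for " + ServiceSecurityContext.Current.PrimaryIdentity.Name;
    }
}

// Constructed in-memory stand-in for the users table: salted PBKDF2 hashes plus roles, never plain passwords.
public static class UserStore
{
    class Record { public byte[] Salt; public byte[] Hash; public string[] Roles; }
    static readonly Dictionary<string, Record> Users = new Dictionary<string, Record>(StringComparer.OrdinalIgnoreCase);

    static UserStore()
    {
        var salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        Users["greg"] = new Record { Salt = salt, Hash = Derive("correct horse battery staple", salt), Roles = new[] { "Analyst" } };
    }

    static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, 100000)) return kdf.GetBytes(32);
    }

    public static bool Verify(string user, string password)
    {
        Record rec;
        if (!Users.TryGetValue(user, out rec)) return false;
        byte[] computed = Derive(password, rec.Salt);
        int diff = 0;                                   // constant-time comparison of the two hashes
        for (int i = 0; i < computed.Length; i++) diff |= computed[i] ^ rec.Hash[i];
        return diff == 0;
    }

    public static string[] Roles(string user)
    {
        Record rec;
        return Users.TryGetValue(user, out rec) ? rec.Roles : new string[0];
    }
}

// WCF calls Validate for every message that carries a UserName token.
public class DbUserNamePasswordValidator : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        if (string.IsNullOrEmpty(userName) || password == null || !UserStore.Verify(userName, password))
            throw new SecurityTokenException("Unknown user or bad password"); // same fault for both cases
    }
}

// Turns the authenticated identity into a principal whose roles come from the database.
public class DbRolePolicy : IAuthorizationPolicy
{
    public string Id { get { return "DbRolePolicy"; } }
    public ClaimSet Issuer { get { return ClaimSet.System; } }

    public bool Evaluate(EvaluationContext context, ref object state)
    {
        object obj;
        if (!context.Properties.TryGetValue("Identities", out obj)) return false;
        var identities = obj as IList<IIdentity>;
        if (identities == null || identities.Count == 0) return false;
        context.Properties["Principal"] = new GenericPrincipal(identities[0], UserStore.Roles(identities[0].Name));
        return true;
    }
}

public static class Program
{
    public static void Main()
    {
        // Scott's binding: TLS for the channel, UserName token inside the message.
        var binding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

        var address = new Uri("https://svc.example.test:8443/reports"); // assumed host; TLS cert bound to this port
        var host = new ServiceHost(typeof(ReportService), address);
        host.AddServiceEndpoint(typeof(IReportService), binding, "");
        host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
        host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new DbUserNamePasswordValidator();
        host.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;
        host.Authorization.ExternalAuthorizationPolicies =
            new ReadOnlyCollection<IAuthorizationPolicy>(new IAuthorizationPolicy[] { new DbRolePolicy() });
        host.Open();

        // Client: nothing is installed per machine beyond trust in the server's TLS certificate chain.
        var factory = new ChannelFactory<IReportService>(binding, new EndpointAddress(address));
        factory.Credentials.UserName.UserName = "greg";
        factory.Credentials.UserName.Password = "correct horse battery staple";
        Console.WriteLine(factory.CreateChannel().GetReport(1));
        host.Close();
    }
}
```

Two practical points for Greg's constraints: the client never receives a certificate of its own, it only has to trust the CA that issued the service's HTTPS certificate, so a commercial certificate (or an internal CA root pushed to the remote clients) is enough; and because the password travels in the message, WCF refuses to open this binding over plain http, which is the guard that keeps the remote-office users' credentials inside TLS. When self-hosting as above, the certificate must first be bound to the port with netsh http add sslcert; in IIS the site's HTTPS binding does that job.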
