SWIM Laboratory Update - PowerPoint PPT Presentation

1 / 20

About This Presentation

Title:

SWIM Laboratory Update

Description:

Demonstrations and Prototypes TIM 7 SWIM Laboratory Update – PowerPoint PPT presentation

Number of Views:116

Avg rating:3.0/5.0

Slides: 21

Provided by: MTO137

Learn more at: http://www.faa.gov

Category:

more less

Transcript and Presenter's Notes

Title: SWIM Laboratory Update

1
SWIM Laboratory Update
Demonstrations and Prototypes TIM 7
2
SWIM Laboratory

Consists of 2 facilities

3
SWIM Integration Facility
SIF (SWIM Integration Facility)
SPF (SWIM Prototype Facility)

SWIM COTS Products Repository
SWIM COTS FOSS Working Group
NAS Services Registry Repository (NSRR)
Other
SWIM Wiki
Security Vulnerability Analysis of SWIM
Products
Support Segment 2 User prototypes

4
Product Inventory Functional
SWIM Products Open Source Software Proprietary Software
WS Stack Fuse Services Framework Artix ESB
SC Enterprise Integration Patterns (EIP) Fuse Mediation Router Fuse ESB
Message Oriented Middleware (MOM) Fuse Message Broker
Enterprise Service Bus (ESB) Fuse ESB
System Management Subsystem (SMS) Fuse HQ, Artix Enterprise Management Plug-in
Information Grid Data eXtend Semantic Integrator (DXSI)
COTS Product Repository Nexus
OSGI runtime endpoint management ARTIX Reg/Rep (Depot)
Registry/Repository HP-soa-systinet-eclipse-plugin HP-soa-systinet-visual-studio-plugin HP SOA Systinet HP SOA Registry
Security Artix Connect for WCF, Artix Security
Development Tools/Environment Eclipse, Ant, Maven Fuse Integration Designer
SOA Test Tools soapUI, Actional Diagnostics iTKO Lisa, Actional Team Server
Products being used by SIPs

Available from COTS Repository (https//swimrepo.f
aa.gov)

Available on SWIM ftp (ftp//swimftp.tc.faa.gov)

5
SWIM COTS FOSS Working Group

WG is the vehicle to
Select Fuse product versions that SWIM supports
Facilitate Fuse issue info exchange resolution
Decide need for Fuse improvements
Disseminate product info and track SIP use of
SWIM products
Facilitate monthly meetings
Generate and Maintain
SWIM FUSE Issue Tracker (weekly updates to SWIM
wiki)
SWIM COTS Products Status Report (monthly)
COTS Products Management Plan (annually)

System Wide Information Management
(SWIM) Commercial Off The Shelf and Open Source
Products Status Report
April 27, 2011
6
(No Transcript)
7
NAS Services Registry Repository

Administer Maintain HP SOA Systinet Application
Support users
User documentation
Publishers Guide
Consumers Guide
Administrators Guide
Work with SWIM Governance to assure NSRR
compliant with SWIM policies

8
NSRR
The NAS Services Registry Repository provides a
wide range of functionality
9
SWIM Service Lifecycle Management
The SWIM Registry/Repository accommodates a
custom lifecycle management process
10
SWIM Registry Service Creation
The SWIM Registry/Repository business service
consists of many artifacts
11
Other Implementation Tasks

Administer Maintain SWIM Wiki
Security Vulnerability Analysis of SWIM
Products using Veracode initial trial scan of
Fuse Message Broker executable
Work with SWIM Test COTSWG AWG to add
SIP-related tests to FUSE verification activity
Support Segment 2 User prototypes (AIM Common
Status and Structure Data Program)
Provide facility for SWIM Test

SWIM Prototype Facility

13
SWIM Security Reference Implementation (SSRI)

Demonstrate securing Web Services at multiple
levels
Transport (securing communication)
Endpoint (securing access to service)
Message (provide integrity, non-repudiation, etc.
)
Business Logic (ex restricted access to service
operation)
Data (securing data, meta-data)
Demonstrate integration with enterprise level
components and appropriate technologies
Authentication Authorization (LDAP, X.509
certificates, SAML)
Key management (PKI, X.509 certificates)
Java Authentication Authorization Service
(JAAS)
Spring Security
Provide secure Web Service example (code,
configurations), client, and example components

14
oAuth Prototype

Single Sign On / UI
Evaluate use of OAuth 2.0 for common login
infrastructure (contrast with SAML, etc) for
applications that reside within the NAS
Messaging
Evaluate use of two-legged OAuth for message
level security (REST only)
Evaluate interplay with WS-Security,
boundary-crossings
Common (SSO Messaging)
Develop/adopt standard format for user attribute
exchange (e.g., openid connect)
Evaluate OAuth-based representation of NAS
internal attribute authority

15
Recent Work

Segment 2 Prototypes
SWIM Security Reference Implementation
Updated to include FUSE ESB 4.2
Implemented Binary Security Token (BST) security
profile
Implemented Username Token security profile
Implemented Transport Layer Security (TLS)
Updated Build Guide documentation
oAuth Prototypes
Completed Sprint 1 and 2
Design/Develop screens to set up target
applications
Design/Develop user registration screens

16
Messaging Prototype

Pub/Sub Send/Receive Semantics
Reliable Messaging
Enterprise Routing
Content-based Routing
Message Mediation
Message Transport
Message Security
Service and Destination Authorization
Message-Level Integrity and Confidentiality

17
Recent Work

Messaging Prototype
Prototype Plan
Implement JMS broker network
Implement SAN-based clustering and persistence
Implement simulated SIP clients
Document broker cluster and network configuration

18
Recent Work

IKM
XML Gateway Requirements
XML Gateway
Mutual TLS configuration for incoming connections
using self-signed certificates
Authentication of incoming messages via Username
Token
Authentication of incoming messages via Binary
Security Token
Authentication of incoming messages via SAML
Authentication
Insertion of SAML AuthN Assertions into outgoing
messages
Developed draft IKM Requirements
Developed rough draft of IKM CONOPs