Relevant Standards Engineering Reports | OGC

Figure 2, Abstract Security Interactions (sequence diagram between Client and Secured Service: RequestPreconditions, ExposePreconditions, PrepareRequiredInformation, AccessServiceRequiredInformation, ServiceResponse)

10 SOAP Binding

For OGC services, SOAP is one possible binding, which must be specified for every new service specification. Moreover, SOAP is the basis for most SOA infrastructures in the mainstream IT world. The OWS-6 testbed placed a strong focus on security for SOAP-based services.

10.1 Relevant Standards

For SOAP there are several existing security-related standards which can be applied to OWS infrastructures. The starting point when binding to a secured service is to request the service's security requirements. These security-related metadata can be described with WS-SecurityPolicy [18] as part of a WS-Policy [16] description. A standardized way to access the WS-Policy description of a service is defined by WS-MetadataExchange [15]. WS-MetadataExchange makes typical service-related metadata accessible, including WSDL besides WS-Policy. The security metadata may define requirements for communication with a secured service, such as the requirement for encrypted communication either on message level or on transport layer level, required signatures on messages or message parts, and required security information.

Copyright © 2009 Open Geospatial Consortium, Inc.

An example of required security information would be authentication information. WS-SecurityPolicy is able to require certain token formats and can also refer to trusted issuers for those tokens by using WS-Addressing [14]. Security tokens can be issued by a Security Token Service (STS) defined by WS-Trust [19]. An STS is primarily designed to issue tokens. It can be used either to convert a token from one format into a different format, or to convert tokens from one security domain into tokens of another security domain. Within OWS-6, an STS is used as the authentication service. This STS provides Identity Assertions expressed in the Security Assertion Markup Language (SAML) [12], which can be used to authenticate at a PEP. The STS also expresses its security requirements by WS-SecurityPolicy and thus can require a username token including credentials which can be used for authentication purposes.
Whenever communication has to be secured, WS-Security [17] can be applied to provide encryption on message level, using XML Encryption [20], and to provide signatures on messages or message parts following XML Signature [21]. WS-Security furthermore defines several profiles describing how to attach security tokens to SOAP messages in order to transmit them along with a request to a service.
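The following is an added example, not code from the OGC report or the OWS-6 testbed, tying together the two steps described above: a client reads a secured service's WS-SecurityPolicy to learn which token it needs and from which issuer (the trusted issuer is referenced by a WS-Addressing address), then authenticates at the STS with a WS-Security UsernameToken carrying a PasswordDigest as defined in the OASIS UsernameToken Profile 1.0, and the STS validates that token. The namespace URIs and the digest rule (Base64(SHA-1(nonce + created + password))) are the real ones from the OASIS and W3C specifications; the policy document, the STS address, the user name, the password and the timestamps are constructed for the example. Only the Python standard library is used.

```python
import base64
import hashlib
import hmac
import secrets
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Namespace URIs are the real OASIS/W3C ones; everything else below is constructed.
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"
WSP = "http://www.w3.org/ns/ws-policy"
WSA = "http://www.w3.org/2005/08/addressing"
DIGEST_TYPE = ("http://docs.oasis-open.org/wss/2004/01/"
               "oasis-200401-wss-username-token-profile-1.0#PasswordDigest")
NONCE_ENC = ("http://docs.oasis-open.org/wss/2004/01/"
             "oasis-200401-wss-soap-message-security-1.0#Base64Binary")
TS_FMT = "%Y-%m-%dT%H:%M:%SZ"

# Constructed WS-SecurityPolicy of a secured service: it wants a SAML 2.0 token issued
# by an STS whose endpoint is named through a WS-Addressing address (placeholder host).
SERVICE_POLICY = f"""<wsp:Policy xmlns:wsp="{WSP}" xmlns:sp="{SP}" xmlns:wsa="{WSA}" xmlns:wst="{WST}">
  <wsp:ExactlyOne><wsp:All>
    <sp:SupportingTokens><wsp:Policy>
      <sp:IssuedToken sp:IncludeToken="{SP}/IncludeToken/AlwaysToRecipient">
        <sp:Issuer><wsa:Address>https://sts.example.invalid/sts</wsa:Address></sp:Issuer>
        <sp:RequestSecurityTokenTemplate>
          <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
        </sp:RequestSecurityTokenTemplate>
      </sp:IssuedToken>
    </wsp:Policy></sp:SupportingTokens>
  </wsp:All></wsp:ExactlyOne>
</wsp:Policy>"""


def required_issued_token(policy_xml):
    """Client side: find the IssuedToken assertion and return issuer address and token type."""
    root = ET.fromstring(policy_xml)
    issued = root.find(f".//{{{SP}}}IssuedToken")
    if issued is None:
        return None
    return {"issuer": issued.findtext(f"{{{SP}}}Issuer/{{{WSA}}}Address"),
            "token_type": issued.findtext(f".//{{{WST}}}TokenType")}


def password_digest(nonce, created, password):
    """UsernameToken Profile 1.0: Base64(SHA-1(nonce + created + password))."""
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()


def build_username_token(username, password, nonce=None, created=None):
    """Client side: wsse:Security header with a digest UsernameToken for the STS."""
    nonce = nonce or secrets.token_bytes(16)
    created = created or datetime.now(timezone.utc).strftime(TS_FMT)
    ET.register_namespace("wsse", WSSE)
    ET.register_namespace("wsu", WSU)
    sec = ET.Element(f"{{{WSSE}}}Security")
    tok = ET.SubElement(sec, f"{{{WSSE}}}UsernameToken")
    ET.SubElement(tok, f"{{{WSSE}}}Username").text = username
    pw = ET.SubElement(tok, f"{{{WSSE}}}Password", {"Type": DIGEST_TYPE})
    pw.text = password_digest(nonce, created, password)
    ET.SubElement(tok, f"{{{WSSE}}}Nonce", {"EncodingType": NONCE_ENC}).text = \
        base64.b64encode(nonce).decode()
    ET.SubElement(tok, f"{{{WSU}}}Created").text = created
    return ET.tostring(sec, encoding="unicode")


def parse_ts(value):
    return datetime.strptime(value, TS_FMT).replace(tzinfo=timezone.utc)


def verify_username_token(header_xml, lookup_password, seen_nonces, now=None,
                          max_skew=timedelta(minutes=5)):
    """STS side: returns the authenticated user name or raises ValueError.

    lookup_password(user) -> password or None; seen_nonces is a set shared across
    requests and must be pruned after max_skew; now is a TS_FMT string (None = clock).
    """
    now_dt = parse_ts(now) if now else datetime.now(timezone.utc)
    tok = ET.fromstring(header_xml).find(f"{{{WSSE}}}UsernameToken")
    if tok is None:
        raise ValueError("no UsernameToken in security header")
    user = tok.findtext(f"{{{WSSE}}}Username")
    pw = tok.find(f"{{{WSSE}}}Password")
    created = tok.findtext(f"{{{WSU}}}Created")
    nonce_b64 = tok.findtext(f"{{{WSSE}}}Nonce")
    if pw is None or pw.get("Type") != DIGEST_TYPE or not created or not nonce_b64:
        raise ValueError("digest password, nonce and created are all required")
    nonce = base64.b64decode(nonce_b64)
    # Freshness: a token outside the acceptance window is refused (bounds replay).
    if abs(now_dt - parse_ts(created)) > max_skew:
        raise ValueError("Created outside the acceptance window")
    # Replay: the same nonce must not be accepted twice within the window.
    if nonce in seen_nonces:
        raise ValueError("replayed nonce")
    secret = lookup_password(user)
    expected = password_digest(nonce, created, secret) if secret is not None else ""
    if not secret or not hmac.compare_digest(pw.text or "", expected):
        raise ValueError("bad credentials")
    seen_nonces.add(nonce)
    return user
```

Two design points carry over to a real STS: the nonce cache only has to remember nonces for the length of the acceptance window, so it can be pruned by the Created timestamp, and the digest comparison is constant-time. The PasswordDigest hides the password from a passive observer but does not protect a weak password against offline guessing of the captured nonce, timestamp and digest, which is why the report pairs the token with encrypted communication on message or transport level.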

10.2 Protocol