Windows Communication Foundation: The Security Model
Securing communications has never been easier. See how to set up the Windows Communication Foundation (WCF) on your system, and use configuration-based security to add or change the security requirements for your applications.
by Laurence Moroney
Nov 7, 2005
Page 1 of 4
n today's world, if you cannot communicate securely using technology you may as well not communicate at all. There are countless ways that information can be taken and misused by others to the detriment of you and your business. For these reasons, Windows Communication Foundation has security at its heart, and offers many options for securing your communications to ensure that they reach their destination intact and untouched.
Discussions of security include many terms, so for the sake of clarity I want to introduce them quickly here, and map them to the real-world scenario of a person entering a country at a border crossing.
Credentials are difficult-to-forge proofs of identity. In the border-crossing scenario, the obvious credential is a passport; when entering a country you show a passport as a document that is difficult to forge, recognized as a valid credential and in your possession.
Authentication is the process of challenging an entity to prove identity. Presentation of credentials is sometimes, but not always enough. Passport authentication typically takes place when border agents 'swipe' the passport through the system as a check on its validity. It also relies on a visual inspection by border agents, comparing the passport photograph with the person in front of them. Other methods of authentication may include retinal scans, fingerprinting or palming.
Authorization is the process of allowing the entity to perform certain actions, denying those actions to others. In our scenario, this is analogous to the visa that allows entry at the border point. Some visas allow only a 30-day stay and no employment, some allow several years' stay and employment for a stated employer, some allow full citizens rights in the target country. At the point of entry you are usually challenged as to your reason for entry, and this is authorized against your visa. In addition, after entry, when you try to do a specific task, such as find a job, you are required to show proof that you are authorized to do so.
In addition to these three primary terms, there are a couple of additional communications terms that need to be clarified up front: Message Integrity and Message Confidentiality.
Message Integrity is the prevention of message tampering. When a message travels from party A to party B, the message sent should be the same as the message delivered. In olden times, important messages were written on paper and sealed in an envelope using wax, upon which an identifiable impression was made using a signet ring or other seal. Upon receipt, party B would inspect the envelope, and if the wax was broken, or a different (fake) signet ring or seal was used, they would know that the message had been tampered with and couldn't be trusted. Nowadays as messages travel as electrons across a wire far more foolproof methodology is needed.
Message Confidentiality prevents message contents from being visible to anyone but the intended recipient. As an example, in World War 2, many allied messages were encoded using Native American languages and transported securely from A to B. Messages intercepted by the enemy were useless to them, because they lacked Native American speakers who could translate for them.
Now, while all this is fascinating, it's time to see what you can do with the Windows Communication Foundation so that your communiqués can be secured, have message integrity and confidentiality and use Authentication and Authorization schemes.
If you haven't done so already, now would be a good time to take a look at DevX's WCF primer, where you can get up and started with WCF.
Before you start, you should be aware that WCF is still in its beta cycle, and as such, it isn't particularly easy to get installed and running correctly. In addition, many resources you will find on the Internet (including some of them on MSDN) refer to earlier builds, so they're out of date with respect to the current model and that can lead to great confusion when you're trying to build services. In particular the web.config schema supports drastically different tags than most of those you'll find out on the net. (For example, many documentation and article pages use the tag within web.config to configure WS-Security, but that tag is now deprecatedyou should use the tag instead. In addition to this, many of the child elements of the former tag have changed drastically.