[ebxml-dev] ebXML security

[Douglas Nelson <douglas.nelson@sun.com>]

I would like to start a thread of security issues to discuss what features
need to be included, interfaces, we would like to have and general discusses
of each of the primary features. I am thinking the features should be available
as web service and as an API possible an addition to the java core api's
for web services. I would be interested in what you guys have thinking
about security.  This first cut at the primary features,  you
guys come up with any more, might include the following:

• Administration – An administrator shall have all the tools necessary to define and maintain roles, monitor all security aspects of the framework and to perform maintenance on any of the security modules.
• Auditing – The administrator shall be able to return the framework to any previous state on any given day, view logs and to track changes to the system by other authorized users and administrators.
• Authorization – The framework shall provide a mechanism that will allow an administrator to define roles to access confidential data and resources.
• Authentication – The framework will uniquely identify a user by user id and password or the acceptance credential information from a federated third party server.
• Certificate Management – The administrator will have the ability to accept, delete, track certificates submitted from a trusted third party on behalf of all users registered to the framework.
• Encryption – The framework will provide API (Application Program Interface) to support encryption of all or part of an XML (eXtensible Markup Language) message document.
• Monitoring – The framework will monitor and issue alerts to administrators and support personal when errors, exceptions or general failures occurs.
• Planning for Evolution – The framework will be architected in a object oriented modular fashion to allow new open standards to be introduced without have to effect the pre- established API’s or web services.
• Privacy – The framework will provide a mechanism that will allow documents to be classified and encrypted so that the document may only be view by those to whom the document was intended.
• Redundancy – The framework will have the ability to be load balance and fail over to additional servers.
• Single Sign On - User will have the ability to log on to any of the trusted federated server and be authorized to access data and services by user id and password or any additional federated servers providing the appropriate credentials.
• Time Stamping – The framework will have the ability to sync its internal clock to government run time sync servers to maintain accurate logging and saving of documents for non-repudiation.

Thanks Doug