Security Concepts Used in WCF
Windows Communication Foundation (WCF) security is built upon concepts already in use and deployed in various security infrastructures.
WCF supports some of those infrastructures, such as Secure Sockets Layer (SSL) over HTTP (HTTPS). However, WCF goes beyond supporting existing security infrastructures by implementing newer interoperable security standards (such as WS-Security) over SOAP-encoded messages. But whether using existing mechanisms or new interoperable standards, the security concepts behind both are the same. Thus, understanding the concepts behind existing infrastructures and the newer standards is central to implementing the best security model for an application. This topic provides overviews of the existing concepts and mechanisms and includes links to more detailed information.
Introduction to Security for Web Services
MSDN contains a valuable introduction to security concepts, especially in regard to WCF, in a set of patterns and practices tutorials at Scenarios, Patterns, and Implementation Guidance for Web Services Enhancements (WSE) 3.0.
Authentication, Authorization, Confidentiality, and Integrity for Web Services
For more information about these basic concepts and their implementation in Windows, see How To: Create a Custom Account to Run ASP.NET 1.1.
Industry-Wide Security Specifications
Public Key Infrastructure
Public key infrastructure (PKI) is a system of digital certificates, certification authorities, and other registration authorities that verify and authenticate the validity of each party involved in an electronic transaction through the use of public key cryptography. For more information, see An Introduction to the Windows 2000 Public-Key Infrastructure.
Kerberos Protocol
The Kerberos protocol is a specification for creating a security mechanism that authenticates users on a Windows domain. It allows a user to establish a secure context with other entities on a domain. Windows 2000 and later platforms use the Kerberos protocol by default. Understanding the mechanisms of the system is useful when creating a service that will interact with intranet clients. In addition, since the Web Services Security Kerberos Binding is widely published, you can use the Kerberos protocol to communicate with Internet clients (that is, the Kerberos protocol is interoperable). For more information about how the Kerberos protocol is implemented in Windows, see Exploring Kerberos, the Protocol for Distributed Security in Windows 2000.
X.509 Certificates
X.509 certificates are a primary credential form used in security applications. A computer running Windows has several kinds of certificate stores, each with a different purpose. For more information about the different stores, see Certificate Stores.
Windows-Specific Security Mechanisms
Windows Identity
A user who is a valid member of a Kerberos-protected domain may, after authentication, want to use other services of the domain. To do this, the user must be able to map his or her Internet identity to a Windows identity. For information about this topic, see An Introduction to the Windows 2000 Public-Key Infrastructure.
Web Services Security Specifications
Secure Conversation
A secure conversation is one in which a security context is established between a client and service. The security context enables messages to flow securely between the client and service for an extended period of time. Each message of the secure conversation is not only secured, but also associated with a conversation ID that either side of the conversation can use to track the progress of a negotiation.
A secure conversation is useful when you need to establish an extended communication session. In other words, use a secure conversation when a communication requires more than a single (one-time) message from client to service.
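As an added illustration (not part of the original topic), the configuration below shows the two choices on a WCF wsHttpBinding with message security: the establishSecurityContext attribute set to true for a secure conversation, and set to false for one-time messages. The binding names are hypothetical, and Windows credentials are assumed.

```xml
<!-- Added example: binding names are hypothetical (constructed for illustration). -->
<configuration>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <!-- Secure conversation: client and service establish a security
             context once, and later messages are secured within it.
             Suited to a session of several messages. -->
        <binding name="SecureConversationBinding">
          <security mode="Message">
            <message clientCredentialType="Windows"
                     establishSecurityContext="true" />
          </security>
        </binding>

        <!-- One-time messages: no secure conversation session is set up;
             each message is secured on its own. Suited to a single
             request from client to service. -->
        <binding name="OneShotBinding">
          <security mode="Message">
            <message clientCredentialType="Windows"
                     establishSecurityContext="false" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
  </system.serviceModel>
</configuration>
```

An endpoint selects one of these with its bindingConfiguration attribute; client and service must use matching settings.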
Certificate Creation with Authenticode
For more information about using MakeCert.exe and other tools to create temporary certificates, see An Introduction to the Windows 2000 Public-Key Infrastructure.
Authorization Manager
Authorization Manager provides a flexible framework for integrating role-based access control into applications. It enables administrators who use those applications to provide access through assigned user roles that relate to job functions. Authorization Manager applications keep authorization policy in authorization stores, which reside in Active Directory or in XML files, and apply that policy at run time.