Windows Communication Foundation (WCF) is a secure, reliable, and scalable messaging platform for the .NET Framework 3.0. With WCF, SOAP messages can be transmitted over a variety of supported protocols including IPC (named pipes), TCP, HTTP and MSMQ. Like any distributed messaging platform, you must establish security policies for protecting messages and for authenticating and authorizing calls. This article will discuss how WCF accomplishes this.
The core of WCF security is to address four important features:
Confidentiality: Is the information confidential between the sender and the receiver? This feature will ensure that “unauthorized” parties do not get the opportunity to view the message. You usually achieve this by utilizing encryption algorithms.
Integrity: This feature ensures that the receiver of the message gets the same information that the sender sends without any data tampering. You usually sign messages using digital signatures to achieve integrity.
Authentication: This is to verify who the sender is and who the receiver is. Are they known to the system or the application? Authentication is the process of establishing a clear identity for an entity, for example, by providing evidence such as a username and password. Although it is clearly important for a service to know who its callers are, it is equally important that callers have an assurance that the service being called is the expected service and not an impostor.
Authorization: At the authorization stage, you know who the sender or the receiver is. However, you also need to know whether they are authorized to perform the action they are requesting from the application. Authorization can be performed by custom code in the service, native or custom authorization providers, ASP.NET roles, Windows groups, Active Directory, Authorization Manager, and other mechanisms.
These are the key features the WCF security model attempts to address. In practice, you address them by configuring bindings in WCF. WCF offers a rich set of bindings to address these security issues. You also have the flexibility of extending or creating custom bindings to address specific security needs if necessary.
There are two major classifications of security within WCF; both are related to the security of what is transferred between a service and caller (sometimes called transfer security). The first is concerned with protecting data as it is sent across the network, or “on the wire.” This is known as transport security. The other classification is called message security and is concerned with the protection that each message provides for itself, regardless of the transportation mechanism used.
Default Security Settings
Each binding has a default set of security settings. Consider the following service endpoint that supports NetTcpBinding.
<system.serviceModel>
  <services>
    <service name="HelloIndigo.HelloIndigoService">
      <endpoint contract="HelloIndigo.IHelloIndigoService" binding="netTcpBinding" />
    </service>
  </services>
</system.serviceModel>
Transport security provides protection for the data sent, without regard to the contents. A common approach for this is to use Secure Sockets Layer (SSL) for encrypting and signing the contents of the packets sent over HTTPS. There are other transport security options as well, and the choice of options will depend on the particular WCF binding used. In fact, you will see that many options in WCF are configured to be secure by default, such as with TCP.
One limitation of transport security is that it relies on every “step” and participant in the network path having consistently configured security.
Message security focuses on ensuring the integrity and privacy of individual messages, without regard for the network. Through mechanisms such as encryption and signing via public and private keys, the message will be protected even if sent over an unprotected transport (such as plain HTTP).
<bindings>
  <basicHttpBinding>
    <binding name="MyBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>
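The following Python script is an added example, not code from the original article. It resolves the effective security mode of each endpoint in a `system.serviceModel` section, falling back to the binding's default when no mode is configured, and marks endpoints whose messages travel without encryption or signing. The sample configuration is constructed from the two fragments in this article; the second endpoint, the `DEFAULT_MODE` table and the function name `audit_endpoints` are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Default <security mode> of each standard binding when the config sets none.
DEFAULT_MODE = {"basicHttpBinding": "None", "wsHttpBinding": "Message",
                "netTcpBinding": "Transport", "netNamedPipeBinding": "Transport"}
# Modes that leave message bodies unencrypted and unsigned on the wire.
UNPROTECTED = {"None", "TransportCredentialOnly"}

# Constructed sample: the article's two fragments joined, plus a second
# endpoint (an assumption) that references the "MyBinding" configuration.
SAMPLE_CONFIG = """
<system.serviceModel>
  <services>
    <service name="HelloIndigo.HelloIndigoService">
      <endpoint contract="HelloIndigo.IHelloIndigoService" binding="netTcpBinding" />
      <endpoint contract="HelloIndigo.IHelloIndigoService"
                binding="basicHttpBinding" bindingConfiguration="MyBinding" />
    </service>
  </services>
  <bindings>
    <basicHttpBinding>
      <binding name="MyBinding">
        <security mode="TransportCredentialOnly">
          <transport clientCredentialType="Windows" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>
</system.serviceModel>
"""

def audit_endpoints(config_xml):
    """Return (binding, effective_mode, protected) for each endpoint."""
    model = next(ET.fromstring(config_xml).iter("system.serviceModel"))
    results = []
    for endpoint in model.iter("endpoint"):
        binding = endpoint.get("binding")
        mode = DEFAULT_MODE.get(binding, "unknown")  # start from the default
        name = endpoint.get("bindingConfiguration")
        if name:  # a named binding configuration can override the default
            path = f"bindings/{binding}/binding[@name='{name}']/security"
            security = model.find(path)
            if security is not None and security.get("mode"):
                mode = security.get("mode")
        protected = mode not in UNPROTECTED and mode != "unknown"
        results.append((binding, mode, protected))
    return results
```

Endpoints reported with `protected` set to `False` either send messages with no transfer security or use a binding this table does not cover, and should be reviewed by hand.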