S90.20 無料問題集「SOA Security Lab」

（A）A single sign-on mechanism is implemented. The Brokered Authentication pattern is applied together with the Data Origin Authentication pattern. Service A is redesigned to use holder-of-key based subject confirmation SAML assertions. This way, Service A only needs to send its Username token once to Service B.
Service B then acts as the authentication broker by issuing a SAML token to Service A and then further sends the SAML token to Services C and D on behalf of Service Consumer A and Service A.
Service B signs the SAML assertion in order to ensure its authenticity and integrity during message exchanges with Services C and D.

（B）The Direct Authentication pattern is applied together with an authentication process that uses digital certificates and digital signatures instead of Username tokens. The digital certificate of Service Consumer A is attached to all subsequent request messages issued by Services A, B, C and D and these request messages are further signed by a private key.

（C）A single sign-on mechanism is implemented. The Brokered Authentication pattern is applied, resulting in Service A becoming the authentication broker. The authentication broker authenticates the security credentials received from Service Consumer A against the identity store. After successful authentication, the authentication broker issues a signed SAML token for Service Consumer A.
The SAML token is subsequently provided to Services B.C. and D by Service A, on behalf of Service Consumer A.

（D）A single sign-on mechanism is implemented. The Brokered Authentication pattern is applied together with the Data Origin Authentication pattern. A separate authentication broker utility service is added in between Service Consumer A and Service A.
This requires that Service A send its Username token only once to Service B.
Service B then acts as a secondary authentication broker and authenticates Service Consumer A and Service A using the identity store. If the authentication is successful, Service B generates a shared secret key to be used as a session key during communication with Services C and D.
Because the session key is only known by these services, it can be used authenticates the services to each other.

（A）None of the above

（B）Apply the Direct Authentication pattern in order to protect message exchanges between Service A and its service consumers and between Service A and Service B.
This approach will establish a password-based authentication mechanism that relies on a local identity store and will therefore prevent access by attackers.

（C）Apply the Data Origin Authentication pattern to protect the final report sent by Service A to its service consumer. Service A can generate a message digest of the final report, after which it can sign the digest with its own private key. It then can send both the final report and the signed message digest to its service consumer. This service consumer can generate its own message digest, decrypt the signed digest using the public key of Service A (which proves that Service A sent the message), and then compare the two digests. If the digests match, it guarantees that the final report was not tampered with during transmission.

（D）Apply the Service Perimeter Guard pattern in order to protect message exchanges between Service A and its service consumers. Apply the Direct Authentication pattern in order to protect message exchanges between Service A and Service B.

（A）

（B）Apply the Data Origin Authentication pattern together with the Data Confidentiality pattern in order to establish message-layer security that guarantees the confidentiality and integrity of messages exchanged by Service Consumer A and Service A.
Further, a security policy can be created to require that security credentials submitted to Service A must be digitally signed and encrypted and also contain a timestamp to validate the actual time the request was issued. Industry standards that can be used for this solution are WS- Policy, WS-SecurityPolicy, XML-Encryption, and XML-Signature.

（C）Apply the Service Perimeter Guard pattern together with the Trusted Subsystem pattern to establish a perimeter service that can perform security functions on behalf of Service A.
The utility service can verify the validity of the request messages from Service Consumer A by authenticating the request message against an identity store. If the request message is authenticated, the utility service then sends it to Service A for further processing. All communications between Service A and Service Consumer A can be encrypted using the public key of the intended recipient, and signed using the private key of the sender.
Industry standards that can be used for this solution are XML-Encryption, XML-Signature, and WS-Trust.

（D）Apply the Trusted Subsystem pattern together with the Data Origin Authentication pattern in order to establish a utility service that performs the security processing on behalf of Service A.
Service Consumer A must digitally sign all request messages and encrypt the credential information using the public key of the utility service. The utility service can then verify the security credentials and the digital signature to establish the validity of the request message. If the request message is permitted, the utility service establishes a composite trust domain that encompasses Service Consumer A, Service A, Database A, and the legacy system. Because all communications remain within a single trust domain, malicious intermediaries will not be able to gain access to any exchanged data.

（E）Apply the Service Perimeter Guard pattern to establish a perimeter service that can perform security functions on behalf of Service A.
Next, apply the Data Confidentiality pattern so that the security credential information provided by Service Consumer A with the request message is encrypted with the secret key shared between the perimeter service and Service Consumer A.
The perimeter service evaluates the credentials and if successfully authenticated, forwards the request message to Service A.
Transport-layer security is used to protect message exchanges between Service A and Service Consumer