Web Services Security with WSE 2.0
Muhammad Saqib Ilyas

Speaker.Bio.ToString()
- Assistant Professor, N.E.D. University
- Country Leader, INETA Pakistan
- MVP
- IEEE Student Branch Counselor
- Secretary/Treasurer, IEEE Communications Society, Karachi Chapter
- Member, IEEE Karachi Section Executive Committee

Agenda
- Security Basics
- WSE 2.0 programming model
- Demos

Security Basics
- Encryption
  - Asymmetric
  - Symmetric
- Message Digest
- Digital Signature

Public key (asymmetric)
- Messages encrypted with private key, decrypted with public key
- Vice versa
- e.g., RSA, Diffie-Hellman
- Confidentiality and authentication
- Computationally expensive

Symmetric
- Same key for encryption and decryption
- e.g., DES
- Share the key securely

Message digest
- Computes a value unique to a message
- Hashing
- Integrity

Digital signature
- Compute a message digest over a message
- Encrypt the message digest using private key
- Transmit signature with message
- Decrypt signature using public key
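
The message digest and digital signature steps above, carried through as an added example (not code from the slides and not WSE code). It uses textbook RSA with no padding so that the "encrypt the digest with the private key" and "decrypt with the public key" steps are visible; production signatures add a padding scheme such as PKCS#1 v1.5 or PSS. The key, the sample message and all function names are constructed for illustration.

```python
import hashlib

# Constructed demo key: two Mersenne primes, used only so the example needs no
# key-generation code. Primes of this special form are unsuitable for real keys.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """Step 1: compute the message digest (SHA-256) as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Step 2: 'encrypt' the digest with the private key (textbook RSA)."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Step 4: 'decrypt' the signature with the public key, compare digests."""
    return pow(signature, E, N) == digest_int(message)


def demo() -> dict:
    # Constructed sample payload standing in for a SOAP body.
    message = b"<soap:Body>transfer 100 to account 42</soap:Body>"
    signature = sign(message)        # step 3: transmitted with the message
    tampered = message.replace(b"100", b"900")
    return {
        "genuine": verify(message, signature),            # untouched message
        "tampered": verify(tampered, signature),          # body changed in transit
        "forged": verify(message, (signature + 1) % N),   # signature altered
    }


if __name__ == "__main__":
    print(demo())
```

The receiver needs only N and E to run verify; D never leaves the signer.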

Securing web services
- Use lower layer security such as SSL
- Limitations

WSE 2.0
- Provides support for WS-* standards
- Includes security
- Approximately 8 MB download

WSE 2.0 Architecture
- Input and output filters
- Proxy base class WebServicesClientProtocol
- SoapContext object records particular options:
  - Username token
  - Certificate
- Security token manager

WSE Programming
- Configured in web.config
- Using GUI tool
- Add reference to:
  - Microsoft.Web.Services2.dll
- Microsoft.Web.Services2
- Microsoft.Web.Services2.Security
- Microsoft.Web.Services2.Security.Tokens

Specifications supported
- WS-Security
- WS-SecurityPolicy
- WS-SecureConversation
- WS-Trust
- WS-Referral
- WS-Addressing
- WS-Policy
- DIME (Direct Internet Message Encapsulation)
- WS-Attachments

Demo
- Implementing a SOAP extension
- Signing using username/password tokens
- Installing X.509 certificates
- Signing using X.509 certificates
- Encryption using multiple tokens

Links