IETF Trade Working Group January 2000 XML Messaging Overview January 2000.

Slides:



Advertisements
Similar presentations
Internet Peer-to-Peer Application Infrastructure Darren New Invisible Worlds, Inc.
Advertisements

Many Markets. One Source. Slide 1 RPC & eCommerce January 25, 2000 David Burdett, Commerce One,
SOAP.
Jabber and Extensible Messaging and Presence Protocol (XMPP) Presenter: Michael Smith Cisc 856 Dec. 6, 2005.
CP3397 ECommerce.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Remote Procedure Call (RPC)
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
CCNA – Network Fundamentals
Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
Cryptography and Network Security Chapter 17
Chapter 8 Web Security.
Error Checking continued. Network Layers in Action Each layer in the OSI Model will add header information that pertains to that specific protocol. On.
Applicability Statement v1.1 Feedback: DirectTrust May 5, 2015.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
1 © NOKIA Web Service Reliability NOKIA. 2 © NOKIA Content What is reliability ? Guaranteed Delivery Duplicate Elimination Ordering Crash tolerance State.
March 7, 2005MOBIKE WG, IETF 621 Mobility Protocol Options for IKEv2 (MOPO-IKE) Pasi Eronen.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
An XMPP (Extensible Message and Presence Protocol) based implementation for NHIN Direct 1.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
IETF 57, Vienna Slide 1 of 15 IETF TRADE Working Group 17 July 2003, Vienna, Austria Chair: Donald E.Eastlake 3rd.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
EbXML Message Service Dept of Computer Engineering Khon Kaen University.
Web Client-Server Server Client Hypertext link TCP port 80.
Slide 1 © 2004 Reactivity The Gap Between Reliability and Security Eric Gravengaard Reactivity.
Page 1 IETF TRADE WG 10 August 2001 London
Copyright © 2013 Curt Hill SOAP Protocol for exchanging data and Enabling Web Services.
Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.
Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.
Pertemuan #10 Secure HTTP (HTTPS) Kuliah Pengaman Jaringan.
SMTP Tapu Ahmed Jeremy Nunn. Basics Responsible for electronic mail delivery. Responsible for electronic mail delivery. Simple ASCII protocol that runs.
AMQP, Message Broker Babu Ram Dawadi. overview Why MOM architecture? Messaging broker like RabbitMQ in brief RabbitMQ AMQP – What is it ?
An Analysis of XMPP Security Team “Vision” Chris Nelson Ashwin Kulkarni Nitin Khatri Taulant Haka Yong Chen CMPE 209 Spring 2009.
© 2005 Qwest Communications International Inc. All rights reserved. ASR UOM-Ordering Transport Architecture Proposed Asynchronous Request/Response Model.
ProductExchange 2013 SP1Exchange 2013 RTMExchange 2010 SP3Exchange 2007 SP3 Outlook 2013 SP1 or later MAPI over HTTP Outlook Anywhere Outlook Anywhere.
BEA position on W3C ‘Web Services’ Standards Jags Ramnarayan 11th April 2001.
Electronic Data Interchange
Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.
Supports the development & implementation of a IPPC Global ePhyto Hub to: Utilize modern Cloud technology. Ensure there is a secure folder for each countries’
Communication Networks NETW 501 Tutorial 2
Cryptography CSS 329 Lecture 13:SSL.
Data Link Layer.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
EAP Applicability IETF-86 Joe Salowey. Open Issues Open Issues with Retransmission and re- authentication Remove text about lack of differentiation in.
TOPIC: HTTPS (Security protocol)
Cryptography and Network Security
WEB SERVICES From Chapter 19 of Distributed Systems Concepts and Design,4th Edition, By G. Coulouris, J. Dollimore and T. Kindberg Published by Addison.
Secure Sockets Layer (SSL)
Using SSL – Secure Socket Layer
Cryptography and Network Security
Pooja programmer,cse department
Cryptography and Network Security
William Stallings Data and Computer Communications
WEB SERVICES From Chapter 19, Distributed Systems
Data Transport Standard (DTS)
Electronic Payment Security Technologies
Cryptography and Network Security
Presentation transcript:

IETF Trade Working Group January 2000 XML Messaging Overview January 2000

IETF Trade Working Group January 2000 Topics Objective History Scope Wrapping Documents Exchanging Documents Reliable Messaging Security and Authentication

IETF Trade Working Group January 2000 Objective “XML Messaging provides a generic approach to the reliable, resilient, secure, tamper resistant, authenticated exchange of XML or other electronic documents over insecure, unreliable transport mechanisms” Under development by the IETF TRADE Working Group

IETF Trade Working Group January 2000 History

IETF Trade Working Group January 2000 History - started with IOTP Contents: How to do purchases offers, brand selection, payments, delivery... How to exchange messages: How to use Digital Signatures Reliable and resilient message transfer How to report errors How to do audit trails... Internet Open Trading Protocol Specification (version 1.0) Domain Specific Generic Members of IETF Trade Working Group thought that there were many good ideas in the way IOTP handled messages that would be generally applicable... but everything in a single document made it hard to use !

IETF Trade Working Group January 2000 Decided to split IOTP into two specs Internet Open Trading Protocol Specification (version 1.0) XML Messaging Specification Internet Open Trading Protocol Specification (version 2.0) Domain Specific  Current Status: Informational RFC, pilot implementations in Japan, Germany and Canada 80% of ideas from IOTP

IETF Trade Working Group January 2000 XML Messaging Scope Protocol –How to wrap documents –Ways in which documents get exchanged Reliable Messaging –Behavior of systems at each end for reliable once only delivery Security and authentication Types of exchanges supported –Synchronous & Asynchronous Response –One-way messaging –Message Acknowledgements

IETF Trade Working Group January 2000 Wrapping Documents

IETF Trade Working Group January 2000 Envelope How to wrap documents Message Header Message Routing Info Digital Signature(s) Document Contains the additional data needed so that documents can be sent to and successfully processed by a Party Contains information about the route taken by a message in order to get from its origin to its destination Optional, digitally signs the Message Header, and Message Routing Info, document(s) and/or data on the web. Built on forthcoming IETF/W3C standard The actual documents, e.g. a Purchase Order, may be XML Documents or some other electronic document

IETF Trade Working Group January 2000 (MessageType) (TransactionIdentityData) (MessageIdentityData) (To) (From) (AuthorizationData) (ServiceType & Intent) (MessageManifest) (Related Transaction) Message Header Message Header is root element has document URN to identify it Transaction Identity Data identifies the set of related messages, e.g. PO and PO Ack. Message Identity Data contains data to uniquely identify and describe an individual message Message Manifest identifies the other documents in the Message To identifies the source organization and optionally the service that created the Message. From identifies the destination organization, service and intent. All Id’s are logical rather than physical Message Type, e.g. Request, Response, etc Authorization Data identifies who authorizes message to be processed Service Type & Intent identifies the that is being invoked and reason for sending the message Related Transaction identifies other transaction to which this one is related

IETF Trade Working Group January 2000 Message Routing Info (To) (From) (MessageSend) (MessageReSend) (MessageReceipt) (MessageForward) (MessageReceipt) Message Routing Info is root element has document URN to identify it Copied Message Header Data refers to Message Header and copies of To and From. Avoids need to open Message Header Message Send/Resend/Forward contains URL of where to send message to and where response should go. Message Receipt contains record of when/where received. New entries added to end for each “hop” or attempt at sending. Individual entries can be digitally signed.

IETF Trade Working Group January 2000 Exchanging Documents

IETF Trade Working Group January 2000 Exchanging Documents Basic Document Exchange Document Exchange with Persistent Store Synchronous, Asynchronous Document Exchanges and One-Way Messages Handling Errors Canceling a Transaction Exchange Messages Sending Large Documents Multi-hop Messages

IETF Trade Working Group January 2000 Basic Document Exchange Request Message Process the Request Message and Generate a Response Message Response Message Process the Response Message e.g. Purchase Order e.g. Purchase Order Acknowledgement Each Request Message or Response Message follows the structure of a Message described earlier

IETF Trade Working Group January 2000 Document Exchange with use of persistent store Request Message Save the Request Message in persistent store. Process the Request Message, generate a Response Message and save in Persistent store Response Message Save the Response Message and then check the Response Message is OK against the Request Message in persistent store, if OK save the Response Message and process it Generate the Request Message and save it in persistent store Persistent Store Request Message Response Message Request Message Note. The rest of the diagrams won’t include use of persistent store, but usage is always assumed... e.g. Purchase Order e.g. Purchase Order Acknowledgement

IETF Trade Working Group January 2000 Synchronous, Asynchronous Document Exchanges and One-Way Messages

IETF Trade Working Group January 2000 Synchronous Document Exchange Request Message Process the Request Message and Generate a Response Message Response Message Process the Response Message e.g. Purchase Order e.g. Purchase Order Acknowledgement In a Synchronous Document Exchange, the Response Message is generated immediately over the same transport session.

IETF Trade Working Group January 2000 Request Message Process the Request Message and Generate a Response Message Response Message Process the Response Message Check the Request Message is OK... some time later... e.g. Purchase Order e.g. Purchase Order Acknowledgement In an Asynchronous Document Exchange, the Response Message is generated some time later over a separate connection. Asynchronous Document Exchange

IETF Trade Working Group January 2000 Request Message Process the Request Message and Generate a Response Message Response Message Process the Response Message Generate and send a Message Ack.... some time later... In an Asynchronous Document Exchange with Message Acknowledgement the acknowledgement is generated immediately over the same transport session*. The Response Message is generated some time later over a separate connection. e.g. Purchase Order e.g. Purchase Order Acknowledgement Message Ack. Check the Message Ack. Message Ack. Check the Message Ack. * If the Transport Protocol supports open sessions Asynchronous Document Exchange with Message Acknowledgement

IETF Trade Working Group January 2000 One-way Message The one-way message is processed but no business document is generated in response e.g. Request For Proposal One-way Messages do not expect a reply... but may be acknowledged

IETF Trade Working Group January 2000 Document Exchange Variations Handling Errors –Define an error document to report on errors in XML and transient errors Canceling a Transaction –Define how either party can cancel a started transaction, if allowed Exchange Messages –Allow extended swapping of messages between request and final response

IETF Trade Working Group January 2000 Multi-hop Messages

IETF Trade Working Group January 2000 Intermediary Synchronous Multi-hop Document Exchange Buyer Request Message e.g. Purchase Order Supplier Process the Request Message and Generate a Response Message IntermediaryBuyer Response Message e.g. PO Ack Supplier 12 34

IETF Trade Working Group January 2000 Asynchronous Multi-hop Document Exchange IntermediaryBuyer Request Message e.g. Purchase Order Supplier IntermediaryBuyer Response Message e.g. PO Ack Supplier Message Ack Process the Request Message and Generate a Response Message

IETF Trade Working Group January 2000 IntermediaryBuyer Request Message e.g. Purchase Order Supplier IntermediaryBuyer Response Message e.g. PO Ack Supplier Message Ack. 2 6 Process the Request Message and Generate a Response Message Synchronous Asynchronous Mixed Asynchronous/Synchronous Multi-hop Document Exchange

IETF Trade Working Group January 2000 Mixed Transport Protocol Multi-hop Document Exchange IntermediaryBuyer Request Message e.g. Purchase Order Supplier IntermediaryBuyer Response Message e.g. PO Ack Supplier Message Ack. 2 6 Process the Request Message and Generate a Response Message SMTP HTTP

IETF Trade Working Group January 2000 Document Exchange Summary Basic Document Exchange Document Exchange with Persistent Store Synchronous, Asynchronous Document Exchanges and One-Way Messages Handling Errors Canceling a Transaction Exchange Messages Multi-hop Messages

IETF Trade Working Group January 2000 Reliable Messaging

IETF Trade Working Group January 2000 Reliable Messaging Reliable Messaging uses: –Standard Document Exchanges: Transaction Status Inquiry Service Availability Check Quality Of Service Negotiation... and defined behavior for: –idempotency (handling of duplicate messages) –failed message delivery... to provide reliable robust “once-only” delivery of messages

IETF Trade Working Group January 2000 Failed Message Delivery Behavior (i.e. no response received in time) 1) Do a Transaction Status Inquiry 2) If "Not Known", then re-send the original 3) If "In Progress" or “Not Yet Started” then wait. If no response is received then repeat from step 1. 4) If any other response (e.g. "Completed Ok", "Failed", etc.) then re- send first Message - response should be resent. If no response then repeat from step 1. 5) If no response at all to Transaction Status Inquiry then carry out a Service Availability Transaction. 6) If the Service Availability Transaction does not work then in all probability the Service not working. So either: a) wait and try again, or, b) send using another transport protocol 7) If, after several re-tries, still doesn’t work notify creator of original message.

IETF Trade Working Group January 2000 Transaction Status Inquiry Recovering from Delivery Failure Exchange Message Process the Large Document Part Message and Generate Response Large Document Part Exchange Message Large Document Part Ack  Request Message Check to see if anything known about the transaction and respond accordingly Response Message Examine the response and work out what to do Transaction Status Inquiry Request TIMEOUT !!! Transaction Status Inquiry Response Exchange Message Resend

IETF Trade Working Group January 2000 Reliable “Once Only” Message Delivery Transmitter HTTP Client Internet HTTP Server Firewall Listener Failed Message Delivery Behavior Idempotency Behavior Potential points of failure “Failed Message Delivery Behavior” at the “Transmitter” combined with “Idempotency Behavior” at the listener provides Reliable Once Only delivery of the message Business Application Persistent Store

IETF Trade Working Group January 2000 Security and Authentication

IETF Trade Working Group January 2000 Security and Authentication Three techniques (may be used in combination) –Secure channel (e.g SSL/TLS) can authenticate sender with SSL certificates –Digitally sign documents to prove authenticity Documents can then be sent over insecure channels Using XML Document for the signature (vs MIME) means can pass through any number of servers without damage –Authenticate sender use “standard” Authentication” Transaction to verify sender using “Challenge-Response” - means can verify individuals at site beyond SSL “gateway” Encryption out of scope - assumed within XML Document

IETF Trade Working Group January 2000 Current Status

IETF Trade Working Group January 2000 Current Status XML Messaging Requirements Specification submitted as Internet Draft to the IETF Other parts of specification in progress –Common XML Message Elements –Document Exchange and Transactions –Reliable Messaging –Secure Messaging –Document Choreography Definitions –Common Document Exchanges –Transport Protocol Supplements

IETF Trade Working Group January 2000 Summary Objective History Scope Wrapping Documents Exchanging Documents Reliable Messaging Security and Authentication Current Status

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.