XML CRYPTOGRAPHY CS 795. NET Sunish Kotla

Slides:

Advertisements

Similar presentations

Public Key Infrastructure and Applications

Advertisements

Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,

Conventional Encryption: Algorithms

IS 302: Information Security and Trust Week 4: Asymmetric Encryption

XML Encryption Prabath Siriwardena Director, Security Architecture.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Cryptography The science of writing in secret code.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Electronic Transaction Security (E-Commerce)

Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

1 XML Encryption Notes from encrypt/index.html by Bilal Siddiqui And “Secure XML” by Eastlake and Niles.

Network Security Secure hypertext transfer protocol (https) Cookies Public Key Cryptography.

Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.

Copyright © 2015 Pearson Education, Inc. Confidentiality and Privacy Controls Chapter

Encryption Methods By: Michael A. Scott

What is Encryption? - The translation of data into a secret code - To read an encrypted file, you must have access to a secret key or password that enables.

Encryption with Generated Keys. Encryption: Symmetric - The same that is used to encrypt the data is also used to decrypt the data. They are all "BLOCK.

Computer Science Public Key Management Lecture 5.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.

Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.

Encryption Objective 1: Explain data encryption procedures.

Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

Learning Aid Type Text Page 206 MGS GROUP C Svitlana Panasik.

Cryptography Data communications and networks Momina Tariq: Ambreen Sohail: Data Communications and Networks.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

PUBLIC KEY CRYPTOSYSTEMS Symmetric Cryptosystems 23/10/2015 | pag. 2.

1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.

Data Security (File, Database, XML) Team: SecurityGurus Suresh Konda Jiji Nair Pallavi Shetty.

CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.

Encryption. What is encryption? Encryption is conversion of original data to another data that can be converted back to original data by authorized persons.

Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.

Cryptography Readings Encryption, Decryption, & Digital Certificates.

Krishna Sattiraju CS 792.NET. Overview  What is XML Encryption  Methods for Encryption  Storage of Encrypted Data  Benefits of XML Secure Storage.

From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Slides for Chapter 11: Security.

CIA AAA. C I A Confidentiality I A Confidentiality Integrity A.

Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Paper On Cryptography CS300 Technical Paper Review Avinash Chambhare Abdus Samad.

Encryption Name : Maryam Mohammed Alshami ID:H

Security. Cryptography (1) Intruders and eavesdroppers in communication.

Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.

ENGR 101 Compression and Encryption. Todays Lecture  Encryption  Symmetric Ciphers  Public Key Cryptography  Hashing.

Real time Stock quotes by web Service and Securing XML for Web Services security. Bismita Srichandan

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

Symmetric and Asymmetric Encryption

Cryptography Dr. X.

Security Design.

Cryptography and Network Security

NET 311 Information Security

Install AD Certificate Services

Introduction to Cryptography

Presentation transcript:

XML CRYPTOGRAPHY CS 795. NET Sunish Kotla

OUTLINE What is XML Encryption? Approaches to XML Encryption How Encrypted Data is Stored? Types of XML Encryption Benefits of Xml Cryptography

XML ENCRYPTION W3C standard for encrypting XML elements. Specification that defines how to encrypt data Provides end-to-end security for applications that require secure exchange of structured data.

A PPROACHES TO XML E NCRYPTION Encrypt the xml using symmetric encryption only Encrypt the xml using a combination of asymmetric and symmetric encryption Encrypt the xml using a X.509 Certificate

H OW E NCRYPTED D ATA IS S TORED ? Two approaches:  Whole element is replaced with an element named  Only the data in the element is replaced and its name remains readable in the document

XML DOCUMENT

E NCRYPTED C ODE

N AMESPACES System.Xml System.Security.Cryptography System.Security.Cryptography.Xml

A SYMMETRIC XML E NCRYPTION P ROCESS Select an element in an XML document (selecting the root will encrypt the whole document). Encrypt the element using a symmetric encryption key, known as the session key. Encrypt the session key using asymmetric encryption (the public key is used). Create an EncryptedData element which will contain the encrypted data and the encrypted session key. Replace the original element with the EncryptedData element.

A SYMMETRIC XML D ECRYPTION P ROCESS Select the EncryptedData element in an XML document Decrypt the session key using an asymmetric key (the private key is used) Decrypt the cipher data using the unencrypted symmetric encryption. Replace the EncryptedData element with the unencrypted element.

T YPES OF XML E NCRYPTION Consider the following example: John Smith Example Bank 04/02

E NCRYPTING AN XML E LEMENT John Smith A23B45C56

E NCRYPTING XML E LEMENT C ONTENT John Smith A23B45C56

E NCRYPTING XML E LEMENT C ONTENT (C HARACTER D ATA ) John Smith A23B45C56 Example Bank 04/02

B ENEFITS OF X ML C RYPTOGRAPHY Encrypted data is maintained. Session can be secured on the document level and shared between multiple parties. Sensitive data is easily interchanged between applications.

R EFERENCES  XML Encryption by By: Derek Smyth : aspxDerek Smyth aspx  XML Encryption Syntax and Processing By Takeshi Imamura, Blair Dillaway, Ed Simon  encrypt2/ encrypt2/ 

Thank You!!!