 A Web service is a method of communication between two electronic devices over the World Wide Web.

 A creates a currency conversion Web service.
 B uses this Web service to provide the currency conversion functionality to its customers.

 WS-Security (Web Services Security, WSS for short) is an extension to SOAP to apply security to web services.

 The protocol was originally developed by IBM, Microsoft, and VeriSign.
 WS-Security 1.0 was released on 19 April
 Version 1.1 was released on 17 February 2006.

 WS-Security incorporates security features in the header of a SOAP message, working in the application layer.

 How to sign SOAP messages to assure integrity (have they been modified in transit?).
 Signed messages also provide non-repudiation (can the sender deny sending them?).
 How to encrypt SOAP messages to assure confidentiality (who sent them?).

 Non-repudiation refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract.

 Confidentiality is a set of rules or a promise that limits access or places restrictions on certain types of information.

 Integrity is a concept of consistency of actions, values, methods, measures, principles, expectations, and outcomes.

 WS-Security offers confidentiality and integrity protection from the creation of the message to its consumption.

 So instead of ensuring that the content of the communication can only be read by the right server, WS-Security ensures that it can only be read by the right process on the server.

 If there are frequent message exchanges between service provider and consumer, the overhead of XML SIG and XML ENC is significant.

 The SignedInfo element contains or references the signed data and specifies what algorithms are used.

 The SignatureValue element contains the Base64-encoded signature result: the signature, generated with the parameters specified in the SignatureMethod element, of the SignedInfo element after applying the algorithm specified by the CanonicalizationMethod.

 The KeyInfo element optionally allows the signer to provide recipients with the key that validates the signature, usually in the form of one or more X.509 digital certificates. The relying party must identify the key from context if KeyInfo is not present.

 The Object element (optional) contains the signed data if this is an enveloping signature.

 DigestMethod specifies the hash algorithm to be applied.

 DigestValue contains the result of applying the hash algorithm to the transformed resource(s).
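
The elements described above imply two checks on the receiving side: the DigestValue must match the canonicalized Object, and the SignatureValue must match the canonicalized SignedInfo. The Python sketch below is an added example, not code from the presentation. It assumes HMAC-SHA256 with a shared key and Canonical XML 2.0 because the standard library provides both (a shared key gives integrity but not non-repudiation, which needs a public-key signature); SAMPLE, KEY and the helper names are constructed for illustration.

```python
import base64, hashlib, hmac, xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
C14N = "http://www.w3.org/2010/xml-c14n2"  # Canonical XML 2.0, what ET.canonicalize implements
HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
SAMPLE = '<Convert><Amount currency="USD">100</Amount><To>EUR</To></Convert>'  # constructed payload
KEY = b"constructed-demo-key"  # assumption: shared out of band, so no KeyInfo is sent
ET.register_namespace("ds", DS)

def q(tag):
    return f"{{{DS}}}{tag}"
def c14n(elem):  # canonical bytes of one element, serialized stand-alone (a simplification)
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()
def digest_of(elem):
    return base64.b64encode(hashlib.sha256(c14n(elem)).digest()).decode()
def mac_of(elem, key):
    return base64.b64encode(hmac.new(key, c14n(elem), hashlib.sha256).digest()).decode()

def sign(payload_xml, key):  # enveloping signature: the signed data sits inside Object
    sig = ET.Element(q("Signature"))
    info = ET.SubElement(sig, q("SignedInfo"))
    ET.SubElement(info, q("CanonicalizationMethod"), Algorithm=C14N)
    ET.SubElement(info, q("SignatureMethod"), Algorithm=HMAC_SHA256)
    ref = ET.SubElement(info, q("Reference"), URI="#body")
    ET.SubElement(ref, q("DigestMethod"), Algorithm=SHA256)
    dv = ET.SubElement(ref, q("DigestValue"))
    sv = ET.SubElement(sig, q("SignatureValue"))
    obj = ET.SubElement(sig, q("Object"), Id="body")
    obj.append(ET.fromstring(payload_xml))
    dv.text = digest_of(obj)       # hash of the referenced data
    sv.text = mac_of(info, key)    # signature covers SignedInfo, digest included
    return ET.tostring(sig, encoding="unicode")

def verify(signature_xml, key):  # algorithms are pinned by the verifier, not taken from the message
    try:
        sig = ET.fromstring(signature_xml)
        info, obj = sig.find(q("SignedInfo")), sig.find(q("Object"))
        ref = info.find(q("Reference"))
        algs = [e.get("Algorithm") for e in info.iter() if e.get("Algorithm")]
        dv, sv = ref.find(q("DigestValue")).text.strip(), sig.find(q("SignatureValue")).text.strip()
        if algs != [C14N, HMAC_SHA256, SHA256] or ref.get("URI") != "#" + obj.get("Id", ""):
            return "rejected"
    except (ET.ParseError, AttributeError):
        return "rejected"
    if not hmac.compare_digest(dv.encode(), digest_of(obj).encode()):
        return "digest mismatch"
    if not hmac.compare_digest(sv.encode(), mac_of(info, key).encode()):
        return "signature mismatch"
    return "valid"
```

Changing the payload alone fails the digest check; changing the payload and recomputing DigestValue still fails, because SignatureValue covers SignedInfo and cannot be regenerated without the key.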
