Secure Systems Research Group - FAU A Pattern for XML Signature Presented by Keiko Hashizume.

Presentation transcript:

Secure Systems Research Group - FAU A Pattern for XML Signature Presented by Keiko Hashizume

Outline
– Introduction
– A Pattern for WS-Security
– Conclusion

Introduction
Digital signatures existed before XML Signature; one of the most common is the PKCS#7 signature. Before XML Signature, it was possible to sign XML documents, but it was not possible to express the signature itself in an XML format. It was also not possible to sign only some parts of a document. XML Signature was developed by the W3C and the IETF (Internet Engineering Task Force).

A Pattern for WS-Security
The XML Signature standard describes the syntax and the process for generating and validating digital signatures. XML Signature provides message integrity, message authentication, and non-repudiation.
Context – Users of web services send and receive SOAP messages through insecure channels such as the Internet.

Problem
Because SOAP messages travel through insecure channels, they may be intercepted and modified while they are in transit. The solution to this problem is affected by the following forces:
– We need to express a digital signature in a standardized XML format, so that interoperability between applications can be ensured.

Problem – Forces (continued)
– Messages may be captured while they are in transit, so we need to be able to verify whether the data was modified.
– Messages can be sent and later disavowed, so we need to prevent senders from denying having sent a specific message.
– An XML message, any part of an XML message, or external resources can be signed. We need a way to refer to and locate these elements.
– XML documents may be parsed by different processors, and XML allows some flexibility in representation without changing the semantics of the message. Thus, we need to convert the data to a standard format.

Solution – Structure
[Figure: class diagram]

Signature Types
[Figure: Enveloping Signature]
[Figure: Enveloped Signature]
[Figure: Detached Signature]

Solution – Dynamics
[Figure: sequence diagram for the use case "Sign an XML-Element"]

Consequences
This pattern presents the following advantages:
– XML Signature describes a common framework for digital signatures.
– Using digest algorithms guarantees that any change in the message will invalidate the signature.
– A signature is generated using the sender’s private key. Because the sender is the only one who knows his private key, he cannot deny signing the data.
– The data being signed is referred to by its URI (Uniform Resource Identifier), so elements within XML messages and external resources can be located using their identifiers.
– XML Signature uses canonicalization algorithms to ensure that different representations of XML are transformed into a standard format before any digest algorithm is applied.
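The digest, URI reference and canonicalization points above, as an added example that is not part of the original presentation: it resolves a same-document reference, canonicalizes the referenced element and digests it, showing that a re-serialized message keeps its reference digest while a modified one does not. Assumptions: the sample messages and the `Id` attribute are constructed, Python's standard-library C14N 2.0 stands in for whichever canonicalization algorithm a real signature names, and the private-key signature step is left out.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET


def resolve_reference(root, uri):
    """Locate the element a same-document reference such as '#body' points to."""
    if not uri.startswith("#"):
        raise ValueError("only same-document references are handled here")
    matches = [el for el in root.iter() if el.get("Id") == uri[1:]]
    if len(matches) != 1:
        # A missing or ambiguous target must never be digested silently.
        raise ValueError(f"expected exactly one element with Id={uri[1:]!r}")
    return matches[0]


def reference_digest(xml_text, uri):
    """Base64 SHA-256 digest of the canonical form of the referenced element."""
    target = resolve_reference(ET.fromstring(xml_text), uri)
    target.tail = None  # whitespace after the element is not part of it
    serialized = ET.tostring(target, encoding="unicode")
    canonical = ET.canonicalize(serialized)  # C14N 2.0, Python 3.8+
    digest = hashlib.sha256(canonical.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def raw_digest(xml_text):
    """Digest of the text as received, with no canonicalization."""
    digest = hashlib.sha256(xml_text.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


# Constructed sample messages. RESERIALIZED differs from SENT only in quoting,
# attribute order, whitespace and empty-element form; TAMPERED changes a value.
SENT = ('<Envelope><Body Id="body">'
        '<Transfer to="acct-2" amount="100"/></Body></Envelope>')
RESERIALIZED = ("<Envelope>\n  <Body Id='body'>"
                "<Transfer amount=\"100\"   to=\"acct-2\"></Transfer>"
                "</Body>\n</Envelope>")
TAMPERED = SENT.replace('amount="100"', 'amount="900"')

if __name__ == "__main__":
    for name, msg in (("sent", SENT), ("reserialized", RESERIALIZED),
                      ("tampered", TAMPERED)):
        print(f"{name:13} raw={raw_digest(msg)[:12]} "
              f"reference={reference_digest(msg, '#body')[:12]}")
```
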

Consequences
The pattern also has some (possible) liabilities:
– Large overhead because of the use of many types of algorithms, such as digest, canonicalization and signature algorithms.

Known Uses
Several vendors have developed products that support WS-Security.
– Xtradyne’s WS-DBC (Web Service Domain Boundary Controller) dbc/WSDBCfeatures.htm
– IONA Artix
– Forum Sentry™
– SecureXML Digital Signature Web Service

Related Patterns
– WS-Security Standard uses XML Signature.

Conclusion
We need to develop patterns for the WS family, such as WS-Policy, WS-Privacy, WS-SecureConversation, WS-Federation, and WS-Authorization. We need to develop a pattern diagram describing how these standards are related to each other.