Presentation is loading. Please wait.

Presentation is loading. Please wait.

WS-SecureConversation

Published byCathleen Antonia McKinney Modified over 5 years ago

Similar presentations

Presentation on theme: "WS-SecureConversation"— Presentation transcript:

1 WS-SecureConversation
Vidya Iyer 3/11/06

2 Web services

3

4 SecureConversation End-to-end security Leverages SSL, and Kerberos
Leverages XMLENC and XMLDSIG Establishes contexts for convenient multi-message communication Initial overhead to establish context, then faster communication

5 Terms Security Token – security related information (ie. X.509 cert, Kerberos ticket, username) Security Context – established authenticated state, and related keys Security Context Token – URI representation of Security Context

6 Creating Secure Contexts

7 Changing contexts Amending, Renewing, Cancel contexts
Requester sends Amend URI And proof of possession of key Recipients authenticate request and update their context Same for Renew, Cancel

8 Deriving keys Common to use SecureContexts to agree on pseudorandom generators to derive keys Uses DeriveKeyToken syntax Syntax is agnostic to key derivation scheme No need to send key material

9 Benefits over SSL End-to-end security XML aware Selective encryption
Easier to nullify existing contexts

10 Questions?

Download ppt "WS-SecureConversation"

Similar presentations

XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.
GT 4 Security Goals & Plans Sam Meder

GT 4 Security Goals & Plans Sam Meder
cetis Really Complex Web Service Specifications Scott Wilson.

cetis Really Complex Web Service Specifications Scott Wilson.
CS651/551 Federated Trust Systems Alfred C. Weaver

CS651/551 Federated Trust Systems Alfred C. Weaver
WS-SecureConversation Xiuduan Fang. 2 Agenda Introduction Security Context Token Establishing Security Context Deriving Keys SecureCoversation in Action.

WS-SecureConversation Xiuduan Fang. 2 Agenda Introduction Security Context Token Establishing Security Context Deriving Keys SecureCoversation in Action.
A brief look at the WS-* framework Josh Howlett, JANET(UK) TF-EMC2 Prague, September 2007.

A brief look at the WS-* framework Josh Howlett, JANET(UK) TF-EMC2 Prague, September 2007.
Web Service Security CS409 Application Services Even Semester 2007.

Web Service Security CS409 Application Services Even Semester 2007.
Presented by Kennedy Subramoney Specification – Project Leader Resources & Strategy (A Division of Eskom) CR&D Department XMLVend (Online Vending Specification)

Presented by Kennedy Subramoney Specification – Project Leader Resources & Strategy (A Division of Eskom) CR&D Department XMLVend (Online Vending Specification)
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.
WS-Security TC Christopher Kaler Kelvin Lawrence.

WS-Security TC Christopher Kaler Kelvin Lawrence.
Securing Web Services Using Semantic Web Technologies Brian Shields PhD Candidate, Department of Information Technology, National University of Ireland,

Securing Web Services Using Semantic Web Technologies Brian Shields PhD Candidate, Department of Information Technology, National University of Ireland,
Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.

Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.
Web services security I

Web services security I
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.
1 Emergency Alerts as RSS Feeds with Interdomain Authorization Filippo Gioachin 1, Ravinder Shankesi 1, Michael J. May 1,2, Carl A. Gunter 1, Wook Shin.

1 Emergency Alerts as RSS Feeds with Interdomain Authorization Filippo Gioachin 1, Ravinder Shankesi 1, Michael J. May 1,2, Carl A. Gunter 1, Wook Shin.
XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.
Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Security Token Service Valéry Tschopp - SWITCH.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security Token Service Valéry Tschopp - SWITCH.
An Overview and Evaluation of Web Services Security Performance Optimizations Robert van Engelen & Wei Zhang Department of Computer Science Florida State.

An Overview and Evaluation of Web Services Security Performance Optimizations Robert van Engelen & Wei Zhang Department of Computer Science Florida State.

Similar presentations

Ads by Google