1 XML Encryption Notes from encrypt/index.html by Bilal Siddiqui And “Secure XML” by Eastlake and Niles.


1 XML Encryption
Notes from http://www-106.ibm.com/developerworks/library/x-encrypt/index.html by Bilal Siddiqui and “Secure XML” by Eastlake and Niles (Addison Wesley)

2 Not a replacement for SSL
XML Encryption adds:
- Encrypting part of the data being exchanged
- Secure sessions between more than two parties

3 General Form 1
Cipher text: gibberish in Base 64

4 General Form 2
Pointer (URL) to gibberish

5 EncryptedData is the core element
- Replaces the encrypted element, or
- Serves as the new document root
- May contain a KeyInfo element that describes the key needed for decryption (borrowed from XML Digital Signature)

6 General Example (1)
…

7 General Example (2)
…. Medical gibberish

8 General Example (3)
Pay gibberish

9 Detailed Example (Listing 1)
book 123-958-74598 12 123654-8988889-9996874 visa 12-10-2004

10 Encrypting the Entire File (Listing 2)
A23B45C56
IANA = Internet Assigned Numbers Authority, a function of the Internet Corporation for Assigned Names and Numbers

11 Encrypting the Payment (Listing 3)
book 123-958-74598 12 <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element' xmlns='http://www.w3.org/2001/04/xmlenc#'> A23B45C564587
One element

12 Encrypting Only the CardId (Listing 4)
book 123-958-74598 12 <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Content' xmlns='http://www.w3.org/2001/04/xmlenc#'> A23B45C564587 visa 12-10-2004

13 Encrypting Non-XML Data (Listing 5)
<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.isi.edu/in-notes/iana/assignments/media-types/jpeg'> A23B45C56

14 Sending a public key (Listing 6)
<EncryptedKey CarriedKeyName="Muhammad Imran" xmlns='http://www.w3.org/2001/04/xmlenc#'> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> 1asd25fsdf2dfdsfsdfds2f1sd23

15 Receiving a secret key encrypted to the public key (Listing 7)
<EncryptedKey CarriedKeyName="Imran Ali" xmlns='http://www.w3.org/2001/04/xmlenc#'> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> xyza21212sdfdsfs7989fsdbc

16 Data Encrypted to Secret Key (Listing 8)
book 123-958-74598 12 Visa 10-10-2005 <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element' xmlns='http://www.w3.org/2001/04/xmlenc#'> Imran ali A23B45C564587
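Added example, not from the slides or the cited article: a Python check over a message shaped like Listings 7 and 8 that reports each EncryptedData's Type (Element or Content), resolves its KeyName against an EncryptedKey's CarriedKeyName, and flags rsa-1_5 key transport, which is exposed to padding-oracle attacks and is usually replaced by RSA-OAEP. The `msg` and `order` wrappers, the function name `audit`, and the exact-match name comparison are assumptions of this example.

```python
import xml.etree.ElementTree as ET

ENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"enc": ENC, "ds": DS}
WEAK_KEY_TRANSPORT = {ENC + "rsa-1_5"}  # PKCS#1 v1.5: padding-oracle prone

# Constructed sample. Key names and cipher text are the slides' placeholders;
# <msg> and <order> are hypothetical wrappers.
SAMPLE = f"""<msg>
  <EncryptedKey CarriedKeyName="Imran Ali" xmlns="{ENC}">
    <EncryptionMethod Algorithm="{ENC}rsa-1_5"/>
    <CipherData><CipherValue>xyza21212sdfdsfs7989fsdbc</CipherValue></CipherData>
  </EncryptedKey>
  <order>
    <EncryptedData Type="{ENC}Element" xmlns="{ENC}">
      <ds:KeyInfo xmlns:ds="{DS}"><ds:KeyName>Imran Ali</ds:KeyName></ds:KeyInfo>
      <CipherData><CipherValue>A23B45C564587</CipherValue></CipherData>
    </EncryptedData>
  </order>
</msg>"""


def audit(xml_text):
    """Describe every EncryptedData element and the key that protects it."""
    # Fine for this trusted sample; use a hardened parser for untrusted XML.
    root = ET.fromstring(xml_text)
    carried = {ek.get("CarriedKeyName"): ek
               for ek in root.iter(f"{{{ENC}}}EncryptedKey")
               if ek.get("CarriedKeyName")}
    report = []
    for ed in root.iter(f"{{{ENC}}}EncryptedData"):
        type_uri = ed.get("Type") or ""
        kind = type_uri[len(ENC):] if type_uri.startswith(ENC) else type_uri
        name = ed.findtext("ds:KeyInfo/ds:KeyName", namespaces=NS)
        ek = carried.get(name)  # exact string match (assumption of this example)
        method = ek.find("enc:EncryptionMethod", NS) if ek is not None else None
        alg = method.get("Algorithm") if method is not None else None
        inline = ed.find("enc:CipherData/enc:CipherValue", NS) is not None
        report.append({
            "type": kind or "unspecified",
            "key_name": name,
            "key_resolved": ek is not None,
            "key_transport": alg,
            "weak_key_transport": alg in WEAK_KEY_TRANSPORT,
            "cipher": "inline" if inline else "reference",
        })
    return report
```

A `key_resolved` value of False means the KeyName in EncryptedData matches no CarriedKeyName in the message, so the recipient cannot tell which wrapped key to unwrap.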

17 The future?
- Use XMLEncryption
- Use XMLSignature
- Use a new Public Key Infrastructure

18 XKMS: XML Key Management Specification
PKI host: holds keys, certificates and certificate revocation list
Parties: Signer, Verifier
X-KISS (XML Key Information Service Specification): verify signature
X-KRSS (XML Key Registration Service Specification): register key, revoke certificate, recover key
Message flow:
- Signer generates key pair or requests the pair from the PKI host
- Key registration request
- Certificate sent to Signer
- Signed document (SOAP) sent to Verifier
- Verifier requests certificate from PKI host
- Key and certificate sent to Verifier (SOAP)
- The Signer may request that a certificate be revoked
- The Signer may request a copy of lost keys

