Presentation is loading. Please wait.

Presentation is loading. Please wait.

 A Web service is a method of communication between two electronic devices over World Wide Web.

Published byLydia Gaines Modified over 8 years ago

Similar presentations

Presentation on theme: " A Web service is a method of communication between two electronic devices over World Wide Web."— Presentation transcript:

1

2

3  A Web service is a method of communication between two electronic devices over World Wide Web.

4  A creates a currency conversion Web service  B uses this Web service to provide the currency conversion functionality to its customers.

5  WS-Security ( Web Services Security, short WSS ) is an extension to SOAP to apply security to web services.SOAP

6  The protocol was originally developed by IBM, Microsoft, and VeriSign.  WS-Security 1.0 was released on 19 April 2004.  Version 1.1 was released on 17 February 2006.

7  WS-Security incorporates security features in the header of a SOAP message, working in the application layer.

8  How to sign SOAP messages to assure integrity (have they been modified in transit?).  Signed messages also provide non- repudiation (can the sender deny sending them?).  How to encrypt SOAP messages to assure confidentiality (who sent them?).

9  Non-repudiation refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract.

10  Confidentiality is a set of rules or a promise that limits access or places restrictions on certain types of information.

11  Integrity is a concept of consistency of actions, values, methods, measures, principles, expectations, and outcomes.

12  WS-Security offers confidentiality and integrity protection from the creation of the message to it's consumption.

13  So instead of ensuring that the content of the communications can only be read by the right server it ensures that it can only be read by the right process on the server

14  If there are frequent message exchanges between service provider and consumer, the overhead of XML SIG and XML ENC are significant.

15

16

17  etc.

18

19  The SignedInfo element contains or references the signed data and specifies what algorithms are used.

20  The SignatureValue element contains the Base64 encoded signature result - the signature generated with the parameters specified in the SignatureMethod element - of the SignedInfo element after applying the algorithm specified by the CanonicalizationMethod.

21  KeyInfo element optionally allows the signer to provide recipients with the key that validates the signature, usually in the form of one or more X.509 digital certificates. The relying party must identify the key from context if KeyInfo is not present.

22  The Object element (optional) contains the signed data if this is an enveloping signature.

23  DigestMethod specifies the hash algorithm before applying the hash.

24  DigestValue contains the result of applying the hash algorithm to the transformed resource(s).

25  KeyInfo element optionally allows the signer to provide recipients with the key that validates the signature.

26  The Object element (optional) contains the signed data if this is an enveloping signature.

27

28

29

30

31  http://www.xml.com/pub/a/2001/08/08/ xmldsig.html http://www.xml.com/pub/a/2001/08/08/ xmldsig.html

Download ppt " A Web service is a method of communication between two electronic devices over World Wide Web."

Similar presentations

Web Service Security CS409 Application Services Even Semester 2007.

Web Service Security CS409 Application Services Even Semester 2007.
CIS 375—Web App Dev II SOAP.

CIS 375—Web App Dev II SOAP.
XML Encryption Prabath Siriwardena Director, Security Architecture.

XML Encryption Prabath Siriwardena Director, Security Architecture.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.

Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Making VLAB Secure Javier I. Roman. What is VLAB?  An interdisciplinary consortium dedicated to the development and promotion of the theory of planetary.

Making VLAB Secure Javier I. Roman. What is VLAB?  An interdisciplinary consortium dedicated to the development and promotion of the theory of planetary.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Chapter 8 Web Security.

Chapter 8 Web Security.
Web services security I

Web services security I
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
E-mail Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Similar presentations

Ads by Google