CS 259
Project: XML Security
March, 2004
Jun Yoshida (Visiting Scholar from Hitachi Ltd.)
Project: XML Security
• protocol or system
  • XML Security (XML Encryption, XML Signature)
• properties which should be preserved
  • XML elements (e.g. credit card number)
• kinds of attacks
  • Authentication, Secrecy, Replay attack, ...
• tool or method
  • Murφ
• self or team
  • myself
XML
<?xml version='1.0'?>
Alice
1234 5678 9012 3456
Example Bank
01-05
XML Web Services (XWS)
[Diagram labels: User (Web Browser), HTML, Web Server (Ex: Google.com, Amazon.com), Your Program (.NET, Java), XML]
XWS Application Example
• TouchGraph.com GoogleBrowser
[Diagram labels: XML, Google.com]
System Integration with XWS
[Diagram labels: Your Company/Organization, Internal Systems, XML, Partners, Customers]
Getting Started...
[Diagram labels: Informal Protocol Description, Formal Protocol, Intruder Model, Specification, Find error, Analysis Tool]
Specification
• XML Encryption: 31 pages
  • http://www.w3.org/TR/xmlenc-core/
• XML Signature: 47 pages
  • http://www.w3.org/TR/xmldsig-core/
• WS-Security: 22 pages
  • http://www-106.ibm.com/developerworks/webservices/library/ws-secure/
XML on SSL
[Diagram labels: User, Commerce Site, Credit Company, XML, SSL]
XML Encryption
--- before ---
<?xml version='1.0'?>
Alice
1234 5678 9012 3456
Example Bank
01-05
XML Encryption
--- after ---
<?xml version='1.0'?>
Alice
A23B45C56…
The Rule of XML Encryption?