IBM [11] DOM : Web Services, security, WS-Security, XML, performance, RSA DSA HMAC
|
|
- Quentin Boone
- 5 years ago
- Views:
Transcription
1 WS-Security IBM Abstract: Web Services Security () Web Services Security XML SOAP SSL XML XML Signature [11] XML DOM Encryption [13] 58% 1.2 XML Signature XML Signature ( : Web Services, security, WS-Security, XML, performance, )XML RSA DSA HMAC 1. Web XML Services Security [9] [1] ( ) DOM (DOM ) (canonicalization, c14n) XML Signature Exclusive XML Canonicalization [12] 1.1 Web Services Security SOAP [8] 1.3 DOM XML XML DOM SAX 2 API DOM XML SAX SOAP DOM SAX SSL DOM DOM
2 XML Signature DOM XML Encryption Java 2. DOM SAX [1] XML Signature Exclusive XML Canonicalization Java UTF-16 XML Incoming Message Matching Result XML <Envelope> signature_value=abc cipher_value=def <SignatureValue> UTF-8 ABC </SignatureValue> Automaton UTF-8 <Body> <EncryptedData> <CipherValue> DEF UTF-16 </CipherValue> </EncryptedData> </Body> UTF-8 </Envelope> DOM-based UTF-8 XML <Body> Figure 1 Operations Template-based Operations <CipherValue> ${cipher_value} SAX </CipherValue> </EncryptedData> </Body> DOM </Envelope> Message Template Figure 1: DOM 45% DOM SOAP XML 1.4 SSL DOM SOAP over SSL XML DOM SSL 1 1 SSL SSL XML SOAP <wsse:security> SOAP XML ( )Base64 XML 2.1 XML Base64 1 SOAP XML Signature SOAP XML SOAP SSL -to- <Envelope> <SignatureValue> ${signature_value} </SignatureValue> <EncryptedData> (In case of match) (In case of mismatch) Add Template into the Automaton Template Generator Result <Envelope> <SignatureValue> ABC </SignatureValue> <Body> <getquote /> </Body> </Envelope>
3 <SOAP-ENV:Envelope > <ds:signaturemethod Algorithm= ${algorithm} > <ds:canonicalizationmethod XML XML XML <SOAP-ENV:Envelope > <ds:signaturemethod Algorithm= ${algorithm} ( ) > n<ds:canonicalizationmethod XML Figure 2: <soap:envelope > 1 <dsig:signaturemethod Algorithm= ${algorithm} > <dsig:canonicalizationmethod Add a template into an automaton <ds:signaturevalue> ${signaturevalue} < </ds:signaturevalue> <ds:signaturevalue> 5678ABCD== soap:envelope > <dsig:signaturemethod Algorithm= </ds:signaturevalue> ${algorithm} ${algorithm} ${signautrevalue} 567ABCD== > n<dsig:canonicalizationmethod XML SOAP-ENV:Envelope > <ds:signaturemethod Algorithm= > n<ds:canonicalizationmethod (Figure 2) Figure 3: 2.2 XML (Figure 3) XML : (> > ' ) XML DOM XML ( )
4 HMAC-SHA1 Figure 5 X 1 65 Y 1, 3, 4 Triple DES HMAC-SHA1 2 XML RSA-v1.5 RSA Figure 4 Figure 6 X {None, foo bar Symmetric} (HMAC-SHA1) Y ' 1024 Original Message <S:Body><GetQuote foo= foo bar= a'b >XXX</GetQuote></S:Body> C14n Pre-template <S:Body><GetQuote foo= ${attr1} bar= ${attr2} >${text1}</getquote></s:body> C14n Post-template <S:Body xmlns=><getquote bar= ${attr2} foo= ${attr1} >${text1}</getquote></s:body> <S:Body xmlns=><getquote bar= a b foo= foo >XXX</GetQuote></S:Body> C14n Result Figure 4: (a) 1 XML W3C XML Schema [14] xsd:boolean xsd:enumeration (b) Figure 5: Triple DES
5 (a) ( )Y (KBytes) Receiver; Type=Template; Alg={Symmetric, Symmetric}; Size= Memory Usage Memory usage (Matching Only) (b) Figure 8: Figure 8 X Y (KBytes) Figure 6: 2 DOM % DOM <ds:digestvalue> SOAP Body 1 SOAP Body Figure 7: DOM Figure 7 Template (Matching Only) 2 X
6 2.5MB IASTED PDCS [7] N. Abu-Ghazaleh, M. J. Lewis and M. 2 Govindaraju, Differential Serialization for Optimized SOAP Performance, in DOM Proceedings of the IEEE HPDC-13, [8] W3C Recommendation, SOAP Version 1.2 Part 1: Messaging Framework, 5 [9] Web Services Security Core Specification, DOM 58% wsssoap-message-security-1.0.pdf [10] OASIS Web Services Security TC, XML XML [11] W3C Recommendation, XML Signature Syntax and Processing, [12] W3C Recommendation, Exclusive XML Canonicalization Version 1.0, SSL [13] W3C Recommendation, XML Encryption References Syntax and Processing, [1] S. Makino, K. Tamura, T. Imamura and Y. Nakamura, Implementation and [14] W3C Recommendation, XML Schema, Performance of WS-Security, in International Journal of Web Services Research, Vol. 1, No. 1, March [2] T. Takase, H. Miyashita, M. Tatsubori and T. Suzumura, An Adaptive, Fast, and Safe XML Parser Based on Byte Sequences Memorization, to appear in Proceedings of the WWW [3] G. Apostolopoulos, V. Peris and D. Saha, Transport Layer Security: How much does it really Cost?, in Proceedings of the IEEE INFOCOM [4] M. Govindaraju, A. Slominski, V. Choppella, R. Bramley and D. Gannon, Requirements for and Evaluation of RMI Protocols for Scientific Computing, in Proceedings of the IEEE/ACM SC2000. [5] H. Liu, S. Pallickara and G. Fox, Performance of Web Services Security, Technical Report, November 2004, lications/perf.pdf [6] K. Devaram and D. Andresen, SOAP Optimization via Parameterized Client-Side Caching, in Proceedings of the
Application-aware Interface for SOAP Communication in Web Services
Application-aware Interface for SOAP Communication in Web Services Hao Wang 1, 2, Yizhu Tong 1, 2, Hong Liu 1, 2, Taoying Liu 1 1 (Research Centre for Grid and Service Computing Institute of Computing
More informationSOA-Tag Koblenz 28. September Dr.-Ing. Christian Geuer-Pollmann European Microsoft Innovation Center Aachen, Germany
SOA-Tag Koblenz 28. September 2007 Dr.-Ing. Christian Geuer-Pollmann European Microsoft Innovation Center Aachen, Germany WS-FooBar Buchstabensuppe WS-BusinessActivity MTOM XPath InfoSet XML WS-Management
More informationXML Security Algorithm Cross-Reference
http://www.w3.org/tr/2009/wd-xmlsec-algor... 1 3/28/2009 11:34 AM XML Security Algorithm Cross-Reference W3C Working Draft 26 February 2009 This version: http://www.w3.org/tr/2009/wd-xmlsec-algorithms-20090226/
More informationWeb Services Security SOAP Messages with Attachments (SwA) Profile 1.0 Interop 1 Scenarios
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Web Services Security SOAP Messages with Attachments (SwA) Profile 1.0 Interop 1 Scenarios Working Draft 04, 21 Oct 2004 Document identifier:
More informationWeb Services Security
Web Services Security Submitted to Dr. Stefan Robila As Part of CMPT-585, Final Project By Nagalakshmi Kohareswaran Shilpa Venugopal Department of Computer Science Montclair State University Montclair,
More informationOptimizing Differential XML Processing by Leveraging Schema and Statistics
Optimizing Differential XML Processing by Leveraging Schema and Statistics Toyotaro Suzumura, Satoshi Makino, and Naohiko Uramoto Tokyo Research Laboratory, IBM Research 1623-14 Shimo-tsuruma Yamato-shi
More informationWeb Services Security SOAP Messages with Attachments (SwA) Profile 1.1
1 2 3 4 Web Services Security SOAP Messages with Attachments (SwA) Profile 1.1 OASIS Public Review Draft 01, 28 June 2005 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
More informationSOAP-Based Security Interaction of Web Service in Heterogeneous Platforms *
Journal of Information Security, 2011, 2, 1-7 doi:10.4236/jis.2011.21001 Published Online January 2011 (http://www.scirp.org/journal/jis) SOAP-Based Security Interaction of Web Service in Heterogeneous
More informationImplementing WS-Security on TPF
z/tpf EE V1.1 z/tpfdf V1.1 TPF Toolkit for WebSphere Studio V3 TPF Operations Server V1.2 IBM Software Group TPF Users Group Autumn 2006 Implementing WS-Security on TPF Name: Bill Cousins Venue: Distributed
More informationWeb Services Security: SAML Interop 1 Scenarios
1 2 3 4 Web Services Security: SAML Interop 1 Scenarios Working Draft 04, Jan 29, 2004 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 Document identifier: Location: http://www.oasis-open.org/committees/wss/
More informationAnalysis of Transport Optimization Techniques
Analysis of Transport Optimization Techniques Kevin J. Ma Cisco Systems, Inc. Boxborough, MA 1719, USA Email: kema@cisco.com Radim Bartoš Department of Computer Science University of New Hampshire, Durham,
More information2010 Martin v. Löwis. Data-centric XML. XML Signature and Encryption
Data-centric XML XML Signature and Encryption Overview Canonicalization Signature Encryption 2 Canonical XML (1) http://www.w3.org/tr/2001/rec-xml-c14n-20010315 Definition of canonical form: Document is
More informationA Performance Evaluation of Using SOAP with Attachments for e-science
A Performance Evaluation of Using SOAP with Attachments for e-science Ying Ying, Yan Huang, and David W. Walker School of Computer Science, Cardiff University 5 The Parade, Roath, Cardiff CF24 3AA {Y.Ying,
More informationRSA-PSS in XMLDSig. Position Paper W3C Workshop Mountain View
RSA-PSS in XMLDSig Position Paper W3C Workshop Mountain View 1 Konrad Lanz Digital Signature Services OASIS-DSS - IAIK (Inst. f. angew. Informationsverarbeitung und Kommunikation) - SIC Stiftung Secure
More informationEncryption, Signing and Compression in Financial Web Services
Danske Bank Encryption, Signing and Compression in Financial Web Services Details of how to call the Danske Bank financial web service Version 2.4.8 Encryption, Signing and Compression in Financial Web
More informationCipher Suite Configuration Mode Commands
The Cipher Suite Configuration Mode is used to configure the building blocks for SSL cipher suites, including the encryption algorithm, hash function, and key exchange. Important The commands or keywords/variables
More informationIntroduction to the Cisco ANM Web Services API
1 CHAPTER This chapter describes the Cisco ANM Web Services application programming interface (API), which provides a programmable interface for system developers to integrate with customized or third-party
More informationLesson 13 Securing Web Services (WS-Security, SAML)
Lesson 13 Securing Web Services (WS-Security, SAML) Service Oriented Architectures Module 2 - WS Security Unit 1 Auxiliary Protocols Ernesto Damiani Università di Milano element This element
More informationIBM Research Report. XML Signature Element Wrapping Attacks and Countermeasures
RC23691 (W0508-064) August 9, 2005 Computer Science IBM Research Report XML Signature Element Wrapping Attacks and Countermeasures Michael McIntosh, Paula Austel IBM Research Division Thomas J. Watson
More informationOracle Application Server
Oracle Application Server Web Services Security Guide 10g (10.1.3.1.0) B28976-01 September 2006 Oracle Application Server Web Services Security Guide 10g (10.1.3.1.0) B28976-01 Copyright 2006, Oracle.
More informationOASIS XACML XML DSig Profile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 OASIS XACML XML DSig Profile Working draft 0.2, 14 March 2003 Document identifier: wd-aha-dsigprofile-02.sxw
More informationA High Performance SOAP Engine for Grid Computing
A High Performance SOAP Engine for Grid Computing Ning Wang 1, Michael Welzl 2, and Liang Zhang 1 1 Institute of Software, Chinese Academy of Sciences, Beijing, China wangning@otcaix.iscas.ac.cn 2 Institute
More informationChapter 9 Web Services
CSF661 Distributed Systems 分散式系統 Chapter 9 Web Services 吳俊興 國立高雄大學資訊工程學系 Chapter 9 Web Services 9.1 Introduction 9.2 Web services 9.3 Service descriptions and IDL for web services 9.4 A directory service
More informationLSS Technical Specification
LSS Technical Specification Table of contents 1 Introduction... 3 2 Rendering of signature flows... 4 3 Security guidelines... 5 3.1 LSS back-end only accessible via SSL... 5 3.2 Content Security Policy...
More informationToward Characterizing the Performance of SOAP Toolkits
In Procceedings of 5th IEEE/ACM International Workshop on Grid Computing, Pittsburgh, pp: 365-372, (short paper), November, 24. Toward Characterizing the Performance of SOAP Toolkits Madhusudhan Govindaraju,
More informationAgenda. Summary of Previous Session. XML for Java Developers G Session 6 - Main Theme XML Information Processing (Part II)
XML for Java Developers G22.3033-002 Session 6 - Main Theme XML Information Processing (Part II) Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical
More informationWeb Services Security: XCBF Token Profile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 Web Services Security: XCBF Token Profile Working Draft 1.1, Sunday, 30 March 2003 Document identifier:
More informationBloombase Spitfire SOA Security Server
Specification Sheet Bloombase Spitfire SOA Security Server Features Rich XML and SOA Capabilities XML proxy and firewall, XML parsing and filtering, secures EDI, EAI, SOA and Web Services (WS) data, schema
More informationWeb Services Security - Basics
Web Services Security - Basics Michael Pühlhöfer, Senior IT-Architect, IBM Software Group Member of IBM Technical Expert Council 1 Agenda 1. Security Requirements for Peer-to-Peer Applications 2. Web Services
More informationPassword Based Cryptography
Written By: Adam Berent Document Revision 1.1 Password Based Cryptography Outline 1.0 Preface 1. Preface 2. Summary 3. Message Format 3.1. XML Schema 4. Padding 5. Salt Generation 6. Deriving the Iteration
More informationWeb Services and Services on the Web
Web Services and Services on the Web Paul Downey BT W3C Workshop on the Web of Services for Enterprise Computing 27-28th February 2007 80s telcoms ICT ` EoI federation mobile outsourcing open ubiquitous
More informationWeb Services Security XCBF Token Profile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 Web Services Security XCBF Token Profile Working Draft 1.0, Monday, 25 November 2002 Document identifier:
More informationURL Signing and Validation
APPENDIXF This appendix describes the URL signing and validation method for the Cisco Internet Streamer CDS. This appendix contains the following sections: Introduction, page F-1 Configuring the CDS for
More informationSecurity Based Heuristic SAX for XML Parsing
Security Based Heuristic SAX for XML Parsing Wei Wang Department of Automation Tsinghua University, China Beijing, China Abstract - XML based services integrate information resources running on different
More informationก. ก ก (krunapon@kku.ac.th) (pongsakorn@gmail.com) ก ก ก ก ก ก ก ก ก ก 2 ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก ก 3 ก ก 4 ก ก 1 ก ก ก ก (XML) ก ก ก ก ( HTTP) ก ก Web Services WWW Web services architecture
More informationIEEE Key Management Summit 2008
OASIS Enterprise Key Management Infrastructure (EKMI) Version 1.3 Arshad Noor StrongAuth, Inc. Background OASIS EKMI TC Technical Committee with 4 goals: 1. Standardize Symmetric Key Services Markup Language
More informationWeb Services Introduction WS-Security XKMS
Web Service Security Wolfgang Werner HP Decus Bonn 2003 2003 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Agenda Web Services Introduction
More informationREVENUE ONLINE SERVICE
REVENUE ONLINE SERVICE Page 1 of 8 DOCUMENT CONTROL Document Holder Brian Jones Change History Version Date Change 1.0 13/11/01 Document Created 1.1 26/06/2012 Updated the following fields to allow them
More informationExperience XML Security
Experience XML Security The XML-Security Plug-In for Eclipse Dominik Schadow Pasingerstrasse 28, 82152 Planegg, Germany info@xml-sicherheit.de, http://www.xml-sicherheit.de Abstract. The XML-Security Plug-In
More informationSignXML Documentation
SignXML Documentation Release 0.0.1 Andrey Kislyuk Jul 10, 2017 Contents 1 Installation 3 2 Synopsis 5 2.1 Verifying SAML assertions....................................... 5 2.1.1 Example: Signing and
More informationSignXML Documentation
SignXML Documentation Release 0.0.1 Andrey Kislyuk Dec 17, 2017 Contents 1 Installation 3 2 Synopsis 5 2.1 Verifying SAML assertions....................................... 5 2.1.1 Example: Signing and
More informationRolling out Web Services the Right Way with Spring-WS
Rolling out Web Services the Right Way with Spring-WS Arjen Poutsma Senior Consultant Interface21 Spring-WS Lead 1 About me Over ten years of experience in Enterprise Software Development Three years of
More informationAcceleration Techniques for XML Processors
Acceleration Techniques for XML Processors Biswadeep Nag Staff Engineer Performance Engineering XMLConference 2004 XML is Everywhere Configuration files (web.xml, TurboTax) Office documents (StarOffice,
More informationLYE: a high-performance caching SOAP implementation
LYE: a high-performance caching SOAP implementation Daniel Andresen, David Sexton, Kiran Devaram, Venkatesh Prasad Ranganath, Department of Computing and Information Sciences Kansas State University {dan,
More informationSMPTE Standards Transition Issues for NIST/FIPS Requirements
SMPTE Standards Transition Issues for NIST/FIPS Requirements Contents 2010.5.20 DRM inside Taehyun Kim 1 Introduction NIST (National Institute of Standards and Technology) published a draft special document
More informationSimple Object Access Protocol (SOAP) Reference: 1. Web Services, Gustavo Alonso et. al., Springer
Simple Object Access Protocol (SOAP) Reference: 1. Web Services, Gustavo Alonso et. al., Springer Minimal List Common Syntax is provided by XML To allow remote sites to interact with each other: 1. A common
More informationWeb Services Security: SOAP Message Security
1 2 3 4 Web Services Security: SOAP Message Security Working Draft 10, Sunday, 23 February 2003 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Document identifier: WSS: SOAP Message Security
More informationConstructing Finite State Automata for High Performance Web Services
PAPER ID = 257 Submitted to the IEEE International Conference on Web Services 2004. Constructing Finite State Automata for High Performance Web Services Robert A. van Engelen Department of Computer Science
More information3.2 The EncryptionMethod Element
3.2 The EncryptionMethod Element EncryptionMethod is an optional element that describes the encryption algorithm applied to the cipher data. If the element is absent, the encryption algorithm must be known
More informationWeb Services Security: SOAP Message Security
1 2 3 4 Web Services Security: SOAP Message Security Working Draft 11, Monday, 03 March 2003 5 6 7 8 9 10 11 12 13 14 15 Document identifier: WSS: SOAP Message Security -11 Location: TBD Editors: Phillip
More informationProgramming Web Services in Java
Programming Web Services in Java Description Audience This course teaches students how to program Web Services in Java, including using SOAP, WSDL and UDDI. Developers and other people interested in learning
More informationDelivery Options: Attend face-to-face in the classroom or via remote-live attendance.
XML Programming Duration: 5 Days US Price: $2795 UK Price: 1,995 *Prices are subject to VAT CA Price: CDN$3,275 *Prices are subject to GST/HST Delivery Options: Attend face-to-face in the classroom or
More informationWWW, REST, and Web Services
WWW, REST, and Web Services Instructor: Yongjie Zheng Aprile 18, 2017 CS 5553: Software Architecture and Design World Wide Web (WWW) What is the Web? What challenges does the Web have to address? 2 What
More informationAffordable Care Act (ACA) Information Returns (AIR) AIR Submission Composition and Reference Guide
Affordable Care Act (ACA) Information Returns () Submission Composition and Reference Guide Version 2.0 July 2015 Composition & Reference Guide Table of Contents 1 Introduction... 1 1.1. Identification...
More informationURL Signing and Validation
APPENDIXI This appendix describes the URL signing and validation method for the Cisco Internet Streamer CDS. This appendix contains the following sections: Introduction, page I-1 Configuring the CDS for
More information<Insert Picture Here> Experience with XML Signature and Recommendations for future Development
Experience with XML Signature and Recommendations for future Development Prateek Mishra, Sep, 2007 Overview Two main recommendations: Working group should consider a simple profile
More informationNational Identity Exchange Federation. Web Services System- to- System Profile. Version 1.1
National Identity Exchange Federation Web Services System- to- System Profile Version 1.1 July 24, 2015 Table of Contents TABLE OF CONTENTS I 1. TARGET AUDIENCE AND PURPOSE 1 2. NIEF IDENTITY TRUST FRAMEWORK
More informationDelivery Options: Attend face-to-face in the classroom or remote-live attendance.
XML Programming Duration: 5 Days Price: $2795 *California residents and government employees call for pricing. Discounts: We offer multiple discount options. Click here for more info. Delivery Options:
More information1 URI stands for Universal Resource Identifier.
Chapter 1. XML Security The extendible Markup Language (XML) allows organizations to agree on a common, interoperable markup for document formatting (vocabulary), and use it to exchange business documents,
More informationSubject Key Attestations in KeyGen2
Subject Key Attestations in KeyGen2 For on-line (remote) provisioning of keys to Security Elements (SEs), like Smart Cards, there is a whish by issuers to be able to securely verify that the public key
More information[MS-KPS-Diff]: Key Protection Service Protocol. Intellectual Property Rights Notice for Open Specifications Documentation
[MS-KPS-Diff]: Intellectual Property Rights Notice for Open Specifications Documentation Technical Documentation. Microsoft publishes Open Specifications documentation ( this documentation ) for protocols,
More information1Z Oracle. Java Platform Enterprise Edition 6 Web Services Developer Certified Expert
Oracle 1Z0-897 Java Platform Enterprise Edition 6 Web Services Developer Certified Expert Download Full Version : http://killexams.com/pass4sure/exam-detail/1z0-897 QUESTION: 113 Which three statements
More informationThe Xlint Project * 1 Motivation. 2 XML Parsing Techniques
The Xlint Project * Juan Fernando Arguello, Yuhui Jin {jarguell, yhjin}@db.stanford.edu Stanford University December 24, 2003 1 Motivation Extensible Markup Language (XML) [1] is a simple, very flexible
More informationSimple Object Access Protocol
Simple Object Access Protocol Why Simple Object Access Protocol Light weight replacement for complicated distributed object technology Originally for BizTalk (Microsoft/UserLand/Developmentor) Now a W3C
More informationDatapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record
1 2 3 Datapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record 5 White boxes show the access points for different kinds of security. That s what we will
More informationCrypto Hardware on z Systems - Part 2
Crypto Hardware on z Systems - Part 2 Greg Boyd gregboyd@mainframecrypto.com www.mainframecrypto.com zexchange Crypto Hardware Part 2 May 2015 Agenda Crypto Hardware - Part 1 A refresher A little bit of
More informationInternet Engineering Task Force (IETF) Request for Comments: 6160 Category: Standards Track April 2011 ISSN:
Internet Engineering Task Force (IETF) S. Turner Request for Comments: 6160 IECA Category: Standards Track April 2011 ISSN: 2070-1721 Abstract Algorithms for Cryptographic Message Syntax (CMS) Protection
More informationLecture 15: Frameworks for Application-layer Communications
Lecture 15: Frameworks for Application-layer Communications Prof. Shervin Shirmohammadi SITE, University of Ottawa Fall 2005 CEG 4183 15-1 Background We have seen previously that: Applications need to
More informationLecture 15: Frameworks for Application-layer Communications
Lecture 15: Frameworks for Application-layer Communications Prof. Shervin Shirmohammadi SITE, University of Ottawa Fall 2005 CEG 4183 15-1 Background We have seen previously that: Applications need to
More informationIndustry Advisory DIGITAL SIGNATURES AND C14N CROSS PLATFORM COMPATIBILITY ISSUES: RECOMMENDATIONS FOR FEMA IPAWS CONTENTS AND OTHER CAP SYSTEMS.
DIGITAL SIGNATURES AND C14N CROSS PLATFORM COMPATIBILITY ISSUES: RECOMMENDATIONS FOR FEMA IPAWS AND OTHER CAP SYSTEMS. CONTENTS OVERVIEW AND RECOMMENDATIONS... 1 BACKGROUND: IPAWS AND EXCLUSIVE CANONICALIZATION...
More informationBerner Fachhochschule. Technik und Informatik. Web Services. An Introduction. Prof. Dr. Eric Dubuis Berner Fachhochschule Biel
Berner Fachhochschule Technik und Informatik Web Services An Introduction Prof. Dr. Eric Dubuis Berner Fachhochschule Biel Overview Web Service versus Web Application A Definition for the Term Web Service
More informationPerformance Enhancement with Speculative Execution Based Parallelism for Processing Large-scale XML-based Application Data
Performance Enhancement with Speculative Execution Based Parallelism for Processing Large-scale XML-based Application Data Michael R. Head mike@cs.binghamton.edu Grid Computing Research Laboratory Computer
More informationA Benchmark on SOAP s Transport Protocols Performance For Mobile Applications
A Benchmark on SOAP s Transport Protocols Performance For Mobile Applications Khoi Anh Phan RMIT University, School of Computer Science and Information Technology GPO Box 3476V, Melbourne VIC 31, Australia
More informationAnalysis and Selection of Web Service Technologies
Environment. Technology. Resources, Rezekne, Latvia Proceedings of the 11 th International Scientific and Practical Conference. Volume II, 18-23 Analysis and Selection of Web Service Technologies Viktorija
More informationLookup Roles Application Programming Interface (API) Version Software User s Manual (SUM)
Lookup Roles Application Programming Interface (API) Version 5.11 Software User s Manual (SUM) Document Version 5.11 June 29, 2014 Prepared by: CACI 50 N Laura Street Jacksonville FL 32202 Prepared for:
More informationInternet Engineering Task Force (IETF) Request for Comments: 7192 Category: Standards Track April 2014 ISSN:
Internet Engineering Task Force (IETF) S. Turner Request for Comments: 7192 IECA Category: Standards Track April 2014 ISSN: 2070-1721 Abstract Algorithms for Cryptographic Message Syntax (CMS) Key Package
More informationNAADS DSS web service usage Contents
NAADS DSS web service usage Contents NAADS DSS web service usage... 1 NAADS DSS Service... 2 NAADS DSS web service presentation... 2 NAADS DSS verification request... 2 NAADS DSS verification response...
More informationCOMP9321 Web Application Engineering
COMP9321 Web Application Engineering Semester 2, 2015 Dr. Amin Beheshti Service Oriented Computing Group, CSE, UNSW Australia Week 4 http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid=2411 1 Extensible
More informationWS-SecureConversation v1.0
WS-SecureConversation v1.0 Working Draft, 08 December 2005 Artifact Identifier: ws-sx-spec-draft-v1-r0-ws-secureconversation Location: Current: docs.oasis-open.org/ws-sx/200512/ws-secureconversation This
More information1. Draw the fundamental software technology architecture layers. Software Program APIs Runtime Operating System 2. Give the architecture components of J2EE to SOA. i. Java Server Pages (JSPs) ii. Struts
More informationWhat is JOSE. Jim Schaad Co-chair JOSE August Cellars. Friday, March 15, 13
What is JOSE Jim Schaad Co-chair JOSE August Cellars 1 Overview Use JSON for data structure representations Try and meet the goal of easy to implement and use Allow for complex uses Allow for arbitrary
More informationOracle Fusion Middleware
Oracle Fusion Middleware Reference for Oracle Security Developer Tools 11g Release 1 (11.1.1) E10037-03 November 2011 Oracle Fusion Middleware Reference for Oracle Security Developer Tools, 11g Release
More informationSecure Mobile Commerce based on XML Security
Secure Mobile Commerce based on XML Security JOO-YOUNG LEE, KI-YOUNG MOON, and SUNG-WON SOHN Information Security Technology Division Electronics and Telecommunications Research Institute 161 Gajeong-dong,
More informationConcepts of Web Services Security
Concepts of Web Services Security Session MCP/OS/MTP 4066 2:45 3:45pm, Halloween 2017 MGS, Inc. Software Engineering, Product & Services firm founded in 1986 Products and services to solve business problems:
More informationEnterprise SOA Experience Workshop. Module 8: Operating an enterprise SOA Landscape
Enterprise SOA Experience Workshop Module 8: Operating an enterprise SOA Landscape Agenda 1. Authentication and Authorization 2. Web Services and Security 3. Web Services and Change Management 4. Summary
More informationNew open source CA development as Grid research platform.
New open source CA development as Grid research platform. National Research Grid Initiative in Japan Takuto Okuno. 1 About NAREGI PKI Group (WP5) 2 NAREGI Authentication Service Perspective To develop
More informationProvenance Situations: Use Cases for Provenance on Web Architecture
Provenance Situations: Use Cases for Provenance on Web Architecture W3C Provenance XG http://www.w3.org/2005/incubator/prov/wiki October 28, 2010 1 Provenance and Web Architecture: Consider Five Diverse
More informationDifferential Deserialization for Optimized SOAP Performance
Differential Deserialization for Optimized SOAP Performance Nayef Abu-Ghazaleh and Michael J. Lewis Grid Computing Research Laboratory Department of Computer Science State University of New York (SUNY)
More informationWeb Services Security. Dr. Ingo Melzer, Prof. Mario Jeckle
Web Services Security Dr. Ingo Melzer, Prof. Mario Jeckle What is a Web Service? Infrastructure Web Service I. Melzer -- Web Services Security 2 What is a Web Service? Directory Description UDDI/WSIL WSDL
More informationEncrypted DigiDoc Format Specification
Encrypted DigiDoc Format Specification Document Ver: 1.1 Format Specification Ver: 1.0 Modified: 25.06.2012 AS Sertifitseerimiskeskus (Certification Centre Ltd.) Document Versions Document Specifications
More informationTechnical Specifications for Electronic Business Services (EBS)
Technical Specifications for Electronic Business Services (EBS) Ministry of Health and Long-Term Care EBS - Generic Security Specification Version 2.19 Table of Contents Chapter 1 Electronic Business Services
More informationMAIL PLUGIN FOR IBM MASHUP CENTER
International Journal of Electronic Commerce Studies Vol.1, No.2, pp.139-148, 2010 MAIL PLUGIN FOR IBM MASHUP CENTER Pinaki Mitra, Indian Institute of Technology, Guwahati, India pinaki@iitg.ernet.in Girish
More informationCall: JSP Spring Hibernate Webservice Course Content:35-40hours Course Outline
JSP Spring Hibernate Webservice Course Content:35-40hours Course Outline Advanced Java Database Programming JDBC overview SQL- Structured Query Language JDBC Programming Concepts Query Execution Scrollable
More informationSharing Secrets using Encryption Facility - Handson
Sharing Secrets using Encryption Facility - Handson Lab Steven R. Hart IBM March 12, 2014 Session Number 14963 Encryption Facility for z/os Encryption Facility for z/os is a host based software solution
More informationOversize Payload. SOAPAction Spoofing Metadata Spoofing Attack Obfuscation. BPEL State Deviation Signature Wrapping with Namespace Injection
XML- und Web-Service-Sicherheit Attacking Web Services Overview Oversize Payload Coercive Parsing SOAPAction Spoofing Metadata Spoofing Attack Obfuscation WS-Addressing Spoofing BPEL State Deviation Signature
More informationModule 12 Web Service Model
Module 12 Web Service Model Objectives Describe the role of web services List the specifications used to make web services platform independent Describe the Java APIs used for XML processing and web services
More informationSUN. Java Platform Enterprise Edition 6 Web Services Developer Certified Professional
SUN 311-232 Java Platform Enterprise Edition 6 Web Services Developer Certified Professional Download Full Version : http://killexams.com/pass4sure/exam-detail/311-232 QUESTION: 109 What are three best
More informationInternet Engineering Task Force (IETF) Request for Comments: 5959 Category: Standards Track August 2010 ISSN:
Internet Engineering Task Force (IETF) S. Turner Request for Comments: 5959 IECA Category: Standards Track August 2010 ISSN: 2070-1721 Abstract Algorithms for Asymmetric Key Package Content Type This document
More informationWhat s New in Uniface 9.5. Eddy Knochs, Solution Specialist 9 th March, 2012
What s New in Uniface 9.5 Eddy Knochs, Solution Specialist 9 th March, 2012 Themes GUI enhancements Grid widget Web services Complex data types Security Rich Internet Applications Performance Session management
More informationEnhanced SOAP Performance for Low Bandwidth Environments
Enhanced SOAP Performance for Low Bandwidth Environments A thesis submitted in fulfilment of the requirements for the degree of Masters of Applied Science Khoi Anh Thi Phan B.Eng. School of Computer Science
More information