Presentation is loading. Please wait.

Presentation is loading. Please wait.

Debugging lab 2. Outline 2 XML Digital signature Laboratory of debugging –XML-security.

Similar presentations


Presentation on theme: "Debugging lab 2. Outline 2 XML Digital signature Laboratory of debugging –XML-security."— Presentation transcript:

1 Debugging lab 2

2 Outline 2 XML Digital signature Laboratory of debugging –XML-security

3 Xml: eXtensible Language Markup Language to describe and transmit data Based on tags Designed to be self-descriptive W3C recommendation

4 Xml: elements..... Open tag Close tag Tove Jani Reminder Don't forget me this weekend! Comment source:

5 Xml: attributes Everyday Italian Giada De Laurentiis Harry Potter J K. Rowling Attributes source:

6 Xml: special characters Some characters have special meaning, so they must be handled with care << >> && ' " if salary if salary < 1000 then source:

7 Solving conflicts using prefixes Apples Bananas African Coffee Table source:

8 Solving conflicts using prefixes Apples Bananas African Coffee Table source:

9 Public/private key Document f

10 Digital signing

11 Signature verification

12 Main features of XML-security Canonize (standardize) xml documents, make logically-equivalent xml parts comparable Sign xml elements: whole document, element, element content Verify signatures

13 XML-Security project Xml-security (Apache Santuario) project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards: –XML-Signature Syntax and Processing; and –XML Encryption Syntax and Processing. Java implementation library includes a mature Digital Signature and Encryption implementation. It also includes the standard JSR 105 (Java XML Digital Signature) API. Applications can use the standard JSR 105 API or the Apache Santuario API to create and validate XML Signatures.

14 Component of an XML Signature source: (CanonicalizationMethod) (SignatureMethod) ( (Transforms)? (DigestMethod) (DigestValue) )+ (SignatureValue) (KeyInfo)? (Object)* Each resource to be signed has its own element, identified by the URI attribute The element specifies an ordered list of processing steps that were applied to the referenced resources content before it was digested. The element carries the value of the digest of the referenced resource The element carries the value of the encrypted digest of the element The element indicates the key to be used to validate the signature. Possible forms for identification include certificates, key names, and key agreement algorithms and information

15 Example of xml signature j6lwx3rvEPO0vKtMup4NbeVu8nk= MC0CFFrVLtRlk= Source:

16 Laboratory 16 Download xml-security from Import the project in Eclipse Address tasks in order Fix the bugs reported by the test cases/answer the question –Record start time –Fix the bug/answer the question –Record stop time –Fill the feedback questions Deliver the paper sheet Export the eclipse project and send it to


Download ppt "Debugging lab 2. Outline 2 XML Digital signature Laboratory of debugging –XML-security."

Similar presentations


Ads by Google