XML Encryption Prabath Siriwardena Director, Security Architecture.

Presentation transcript:

XML Encryption Prabath Siriwardena Director, Security Architecture

XML Security. Integrity and non-repudiation: XML Signature by W3C. Confidentiality of XML documents: XML Encryption by W3C.

XML-Encryption A W3C standard which followed XML Signatures, for encrypting all of an XML document, part of it or an external object. XML Signature points to what is being signed – while in XML Encryption, element contains what is being encrypted. XML Encryption shares the element with XML Signature – which is defined under XML Signature namespace.

XML-Encryption: Encrypts XML with a symmetric key. Symmetric key encryption is much more efficient than asymmetric key encryption.

QUESTION 1 What are the differences between Symmetric key encryption and Asymmetric key encryption ?

XML-Encryption (Example) John Smith Example Bank 04/02

XML-Encryption (Example) John Smith <EncryptedData Type=' xmlns=' A23B45C56

XML-Encryption

Specify the encryption algorithm to be used. – – – –

<EncryptedData xmlns=' Type=' <EncryptionMethod Algorithm=' cbc'/> John Smith DEADBEEF XML-Encryption (Example)

QUESTION 2 Explain different types of cipher modes.

XML-Encryption

Either contains encrypted information inside or a reference to the resource being encrypted inside.

Contains Base-64 encoded encrypted information.

If the encrypted resource information is located in a URI – addressable location this element is being used. URI attribute is used just like the way it’s being used in in XML Signature This also includes element which contain a pipeline of elements – as in the case of XML Signature. element defined under XML Signature namespace

<EncryptedData xmlns=' Type=' <EncryptionMethod Algorithm=' cbc'/> John Smith DEADBEEF XML-Encryption (Example)

<EncryptedData xmlns=' Type=' XML-Encryption (Example)

QUESTION 3 How can we use XML Encryption to encrypt non- xml attachments ?

XML-Encryption

Almost similar to Holds useful information about the encryption.....

XML-Encryption

KeyInfo in XML Signature is about providing the public key to verify the signature. In XML Encryption KeyInfo is about providing an encryption key, that is almost always a shared key. In XML Signature we can directly include the key in it. But in XML Encryption we should NOT. XML Encryption extends the XML Signature KeyInfo with two new elements and

Locating the Encryption key: Leave out the key – assuming the receiving end is aware of the encryption key. Provide a name or pointer with which the receiving end can locate the key. Encrypt the key using the public key of the receiving end and include the encrypted ‘encryption’ key inside KeyInfo.

XML-Encryption (Example) <EncryptedData xmlns=' Type=' <EncryptionMethod Algorithm=' John Smith DEADBEEF

A strategy for safely communicating a secret key. refers to a key agreement protocol that is used to generate the encryption key. Not commonly used – an optional element

Zm9v <ds:DigestMethod Algorithm="

is simply another element. Both extends Both do encryption - encrypts the shared key used to encrypt the message. Digital Enveloping / Key transport strategy

We will have multiple elements within the same XML document and they all will be referred by a standalone element.

is a child element of refers to the elements which use the same key to encrypt

With multiple elements are referred by a single key element. The CarriedKeyName element is used to identify the encrypted key value which may be referenced by the KeyName element in ds:KeyInfo

XML-Encryption - Processing Choose an encryption algorithm Obtain an encryption key and may represent it Serialize message data to octets [ a stream of bytes] Encrypt the data Specify the Complete the structure

Decryption Process Get algorithm, parameters and KeyInfo Locate the encryption key Decrypt data Process XML Elements and XML Element Content If no specified then the result of encryption is passed back to the application.
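
Added example, not part of the original slides: the first two decryption steps above (get the algorithm and KeyInfo, then locate the encryption key) written as a Python check that classifies which of the three key-locating strategies a message uses and rejects raw key material inside KeyInfo. The namespace and algorithm URIs are the W3C ones; the key name, the ciphertext bytes and the function name describe are assumptions made for the illustration.

```python
import base64
import xml.etree.ElementTree as ET
NS = {"xenc": "http://www.w3.org/2001/04/xmlenc#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: a digital envelope; key name and ciphertexts are made up.
SAMPLE = """<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    Type="http://www.w3.org/2001/04/xmlenc#Element">
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
  <ds:KeyInfo>
    <EncryptedKey>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
      <ds:KeyInfo><ds:KeyName>recipient-rsa-key</ds:KeyName></ds:KeyInfo>
      <CipherData><CipherValue>Zm9v</CipherValue></CipherData>
    </EncryptedKey>
  </ds:KeyInfo>
  <CipherData><CipherValue>3q2+7w==</CipherValue></CipherData>
</EncryptedData>"""

def describe(xml_text):
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EncryptedData" % NS["xenc"]:
        raise ValueError("root is not xenc:EncryptedData")
    method = root.find("xenc:EncryptionMethod", NS)
    info = {"algorithm": None if method is None else method.get("Algorithm")}
    value = root.find("xenc:CipherData/xenc:CipherValue", NS)
    ref = root.find("xenc:CipherData/xenc:CipherReference", NS)
    if value is not None:      # Base64 ciphertext carried inline
        raw = base64.b64decode("".join((value.text or "").split()), validate=True)
        info["cipher"] = ("inline", len(raw))
    elif ref is not None:      # ciphertext lives at a URI-addressable location
        info["cipher"] = ("reference", ref.get("URI"))
    else:
        raise ValueError("CipherData has no CipherValue or CipherReference")
    key_info = root.find("ds:KeyInfo", NS)
    if key_info is None:       # strategy 1: receiver already knows the key
        info["key"] = "out-of-band"
    elif key_info.find("ds:KeyValue", NS) is not None:
        info["key"] = "rejected: raw key material in KeyInfo"
    elif key_info.find("xenc:EncryptedKey", NS) is not None:   # strategy 3
        wrap = key_info.find("xenc:EncryptedKey/xenc:EncryptionMethod", NS)
        info["key"] = "encrypted-key"
        info["key_transport"] = None if wrap is None else wrap.get("Algorithm")
    elif key_info.find("ds:KeyName", NS) is not None:          # strategy 2
        info["key"] = "named:" + key_info.findtext("ds:KeyName", "", NS)
    else:
        info["key"] = "unsupported KeyInfo content"
    return info
```

For input from an untrusted sender, parse with entity expansion disabled before running a check like this.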
