
1 Making VLAB Secure Javier I. Roman

2 What is VLAB?
- An interdisciplinary consortium dedicated to the development and promotion of the theory of planetary materials.
- Interpreted seismic data in the context of likely geophysical processes.
- Be used as input for more sophisticated and reliable modeling of planets.

3 The Three Main Goals In Security!
- Authentication: verifying the identity of a user
- Confidentiality: protecting the privacy of the message contents
- Integrity: ensuring that a message has not been altered since its departure from the original sender

4 Common Ways to Solve Web Services Security
- Sending over an HTTPS/SSL secure channel gives confidentiality during transport.
- Doing your own signatures/encryption using XML signature & encryption standards
- Service ‘authentication’ using public key certificates
- Client ‘authentication’ using user/password sent over a secure channel
- SOAP formatted messages

5 Is HTTPS/SSL enough Security?
- Transport security is point-to-point security
  - Server authentication by the client using a public key certificate
  - Whole messages are encrypted to block eavesdroppers
- Limitations that come from transport security
  - Does not support intermediaries, so a router sees the entire cleartext message: User > SSL > Router > SSL > Server
  - Does not support signing a message to verify that the message was not changed in transit

6 OASIS Web Services Security
- End-to-end security
  - Data can be hidden from intermediaries
- Transport independent
  - Runs over HTTP, TCP, UDP, email or whatever
- Framework for building security protocols
  - Integrity, Confidentiality and Authentication
- Support for different types of security algorithms
  - Encryption, Digest, Signature, Canonicalization, Transforms

7 How to achieve Authentication
- Using UsernameToken with password digest
  - Digest = SHA1 ( nonce + created + password )
  - SHA1 is the Secure Hash Algorithm
  - Nonce is a unique sequence of random characters

8 UsernameToken Digest xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">... <wsse:UsernameToken Javier OEdR... FKJh... 2007-07-14T09:00:00Z......
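The digest check from slides 7 and 8, as an added example (not code from the presentation or from VLAB): a server-side verifier that recomputes the digest and also rejects stale timestamps and reused nonces. The Base64 wrapping follows the OASIS UsernameToken Profile; the class name, the five-minute window, the password and the nonce values are assumptions constructed for illustration.

```python
import base64, hashlib, hmac
from datetime import datetime, timedelta, timezone

def password_digest(nonce: bytes, created: str, password: str) -> str:
    """Base64(SHA1(nonce + created + password)); nonce is the decoded Nonce bytes."""
    raw = hashlib.sha1(nonce + created.encode() + password.encode()).digest()
    return base64.b64encode(raw).decode()

class DigestVerifier:  # hypothetical name, not a real library class
    def __init__(self, passwords, max_age=timedelta(minutes=5)):
        self.passwords = passwords  # the server must hold the password itself
        self.max_age = max_age      # assumed freshness window
        self.seen = set()           # (username, nonce) pairs already accepted

    def verify(self, username, digest_b64, nonce_b64, created, now=None):
        now = now or datetime.now(timezone.utc)
        password = self.passwords.get(username)
        if password is None:
            return "unknown-user"
        try:
            nonce = base64.b64decode(nonce_b64, validate=True)
            ts = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            return "malformed"
        if abs(now - ts.replace(tzinfo=timezone.utc)) > self.max_age:
            return "stale"      # old capture resent after the window
        if (username, nonce) in self.seen:
            return "replayed"   # same nonce resent inside the window
        expected = password_digest(nonce, created, password)
        if not hmac.compare_digest(expected.encode(), digest_b64.encode()):
            return "bad-digest"
        self.seen.add((username, nonce))
        return "ok"

def demo():
    # Constructed sample values; only the timestamp format mirrors slide 8.
    created, pw, nonce = "2007-07-14T09:00:00Z", "constructed-pw", b"constructed-nonce"
    nb64 = base64.b64encode(nonce).decode()
    token = ("Javier", password_digest(nonce, created, pw), nb64, created)
    v = DigestVerifier({"Javier": pw})
    t0 = datetime(2007, 7, 14, 9, 1, tzinfo=timezone.utc)
    return [
        v.verify(*token, now=t0),                       # first use
        v.verify(*token, now=t0),                       # captured and resent
        v.verify(*token, now=t0 + timedelta(hours=1)),  # resent much later
        v.verify("Javier", "AAAA", base64.b64encode(b"n2").decode(), created, now=t0),
    ]

if __name__ == "__main__":
    print(demo())
```

The digest alone proves knowledge of the password; it is the nonce cache and the timestamp window that stop a captured token from being accepted again. Cached nonces can be evicted once they are older than the window.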

9 Adding Encryption too
- Setting the Encrypt parameter
  - The encryption algorithm selected is AES
  - A special-purpose quantum computer in the year 2015 will take 108 million years to break a key of 128 bits
  - You can select the parts of the message you want to encrypt

10 Encrypting Body and UsernameToken

11 Adding Integrity
- Using UsernameTokenSignature can determine whether a message was altered in transit
- Verify that the message was sent by the possessor of a particular security token
- Generate a key using the username and password to sign an element of a message or the Body

12 Putting everything together

