18,878 research outputs found
Developing a Framework to Implement Public Key Infrastructure Enabled Security in XML Documents
This paper concentrates on proposing a framework to implement the PKI enables security in XML documents, by defining a common framework and processing rules that can be shared across applications using common tools, avoiding the need for extensive customization of applications to add security. The Framework reuses the concepts, algorithms and core technologies of legacy security systems while introducing changes necessary to support extensible integration with XML. This allows interoperability with a wide range of existing infrastructures and across deployments. Currently no strict security models and mechanisms are available that can provide specification and enforcement of security policies for XML documents. Such models are crucial in order to facilitate a secure dissemination of XML documents, containing information of different sensitivity levels, among (possibly large) user communities
Non-Blocking Signature of very large SOAP Messages
Data transfer and staging services are common components in Grid-based, or
more generally, in service-oriented applications. Security mechanisms play a
central role in such services, especially when they are deployed in sensitive
application fields like e-health. The adoption of WS-Security and related
standards to SOAP-based transfer services is, however, problematic as a
straightforward adoption of SOAP with MTOM introduces considerable
inefficiencies in the signature generation process when large data sets are
involved. This paper proposes a non-blocking, signature generation approach
enabling a stream-like processing with considerable performance enhancements.Comment: 13 pages, 5 figure
Non-Blocking Signature of very large SOAP Messages
Data transfer and staging services are common components in Grid-based, or
more generally, in service-oriented applications. Security mechanisms play a
central role in such services, especially when they are deployed in sensitive
application fields like e-health. The adoption of WS-Security and related
standards to SOAP-based transfer services is, however, problematic as a
straightforward adoption of SOAP with MTOM introduces considerable
inefficiencies in the signature generation process when large data sets are
involved. This paper proposes a non-blocking, signature generation approach
enabling a stream-like processing with considerable performance enhancements.Comment: 13 pages, 5 figure
IVOA Recommendation: Universal Worker Service Pattern Version 1.0
The Universal Worker Service (UWS) pattern defines how to manage asynchronous
execution of jobs on a service. Any application of the pattern defines a family
of related services with a common service contract. Possible uses of the
pattern are also described
webXice: an Infrastructure for Information Commerce on the WWW
Systems for information commerce on the WWW have to support flexible business models if they should be able to cover a wide range of requirements imposed by the different types of information businesses. This leads to non-trivial functional and security requirements both on the provider and consumer side, for which we introduce an architecture and a system implementation, webXice. We focus on the question, how participants with minimal technological requisites, i.e. solely standard Web browsers available, can be technologically enabled to articipate in the information commerce at a system level, while not sacrificing the functionality and security required by an autonomous participant in an information commerce scenario. In particular, we propose an implementation strategy to efficiently support persistent message logging for light-weight clients, that enables clients to collect and manage non-reputiable messages as proofs. We believe that the capability to support minimal system platforms is a necessary precondition for the wide-spread use of any information commerce infrastructure
XML Rewriting Attacks: Existing Solutions and their Limitations
Web Services are web-based applications made available for web users or
remote Web-based programs. In order to promote interoperability, they publish
their interfaces in the so-called WSDL file and allow remote call over the
network. Although Web Services can be used in different ways, the industry
standard is the Service Oriented Architecture Web Services that doesn't rely on
the implementation details. In this architecture, communication is performed
through XML-based messages called SOAP messages. However, those messages are
prone to attacks that can lead to code injection, unauthorized accesses,
identity theft, etc. This type of attacks, called XML Rewriting Attacks, are
all based on unauthorized, yet possible, modifications of SOAP messages. We
present in this paper an explanation of this kind of attack, review the
existing solutions, and show their limitations. We also propose some ideas to
secure SOAP messages, as well as implementation ideas
- …