XKMS - PowerPoint PPT Presentation

About This Presentation

Title:

XKMS

Description:

Would require very close binding to underlying PKI. Client refers to ... In either case need to bind answer to trust model. Securing XKMS Messages. Options. SSL ... – PowerPoint PPT presentation

Number of Views:297

Avg rating:3.0/5.0

Slides: 12

Provided by: phillipha

Category:

Tags: xkms | bind

Transcript and Presenter's Notes

Title: XKMS

1
XKMS

Dr. Phillip Hallam-BakerVeriSign Inc.

2
Revision of XKMS

Principles
Syntax Issues
Split Register Function
Trust Model Selection
Securing XKMS Messages
Error Handling

3
Principles

Version 1.2 or 2.0 ?
See syntax, split Register
Priority is simple client
Transfer irreducible complexity to server
Optional Features
Client can never be required to ask questions
Server can be required to answer them
Answer might be I dont do that

4
Syntax

Take advantage of XML Schema rec.
Align to XML Signature, SAML conventions
Every element is of named type
No global attributes
Allow services to advertise features through WSDL
Allow reuse of elements/types in X-Bulk

5
Split Register Function

Most requested change
Separate Register Functions
Register
Should server/user generation be separate as
well?
Revoke
Reissue
Recover
2.0 beta 1 Does not change Authentication
Server/User Authentication model is bogus
Rename some elements to make more descriptive
Respond ? RespondWith etc.

6
Trust Model Selection

Options
Client describes trust model
Incompatible with XKMS philosophy
Would require very close binding to underlying
PKI
Client refers to trust model by URL
Client accesses different trust models via
different service URLs
In either case need to bind answer to trust model

7
Securing XKMS Messages

Options
SSL
OK, but requires an X.509 parser
Transport level is limited
WS-Security
Not yet proposed as WG
Might be something to address after XKMS 2.0
The bootstrap problem
Pre-profile WS-Security

8
Pre-profile WS-Security

Sign Encrypt
XML-Signature, XML-Encryption
Encapsulation
Wrap?
Define own SOAP headers?
Definitely want detachability.
Need to bind in
Web Service Port
Digest of request if not authenticated

9
Robustness

Deadlock Livelock
The need for a maximum forwarding counter
Without control chained requests will deadlock or
livelock.
Chained requests important for e.g. Identrus.

10
Error Handling

Specify fault behavior in greater detail
Use implementation experience

11
Pending Response

Fix this!
We need the facility

Write a Comment

User Comments (0)

About PowerShow.com

Recommended Relevance Latest Highest Rated Most Viewed

Sort by:

Related More from user

CrystalGraphics Presentations

Introducing-PowerShowcom PowerPoint PPT Presentation

Introducing-PowerShowcom - Introducing-PowerShowcom (Without Music)

CrystalGraphics 3D Character Slides for PowerPoint PowerPoint PPT Presentation

CrystalGraphics 3D Character Slides for PowerPoint - CrystalGraphics 3D Character Slides for PowerPoint

Chart and Diagram Slides for PowerPoint PowerPoint PPT Presentation

Chart and Diagram Slides for PowerPoint - Beautifully designed chart and diagram s for PowerPoint with visually stunning graphics and animation effects. Our new CrystalGraphics Chart and Diagram Slides for PowerPoint is a collection of over 1000 impressively designed data-driven chart and editable diagram s guaranteed to impress any audience. They are all artistically enhanced with visually stunning color, shadow and lighting effects. Many of them are also animated. And they’re ready for you to use in your PowerPoint presentations the moment you need them. – PowerPoint PPT presentation

Related Presentations

XKMS Specifications PowerPoint PPT Presentation

XKMS Specifications - A C# program generates TOC, paragraph numbers etc. Expect to extend this to automate linkage to ... DoS protection. Added mechanism to prevent response replay ... | PowerPoint PPT presentation | free to view

Without Security, Web Services are Dead on Arrival PowerPoint PPT Presentation

Without Security, Web Services are Dead on Arrival - The mainframe running Cobol from dusty decks. Connecting to external ... Must be a static. mechanism. Application. XKMS. XKMS. XKMS. 26. WS-KeyAgreement ' ... | PowerPoint PPT presentation | free to view

W3C XKMS Workshop B2B Requirements PowerPoint PPT Presentation

W3C XKMS Workshop B2B Requirements - Not just a News Agency. Information Company. Financial Markets ... Newspaper, Broadcasters, News Agencies. Transactions. Foreign Exchange Dealing ... | PowerPoint PPT presentation | free to view

Exchange Network Key Management Services PowerPoint PPT Presentation

Exchange Network Key Management Services - What is XKMS. A World Wide Web Consortium (W3C) standard, XKMS 2.0, is finalized ... A Web service interface to PKI technologies, accessible to any applications ... | PowerPoint PPT presentation | free to view

IT-Sicherheit PowerPoint PPT Presentation

IT-Sicherheit - ... (XKMS) Auf XML basierender Schl ssel ... das die Darstellung und Verarbeitung von Autorisierungs-Policies standardisiert XML Key Management Specification ... | PowerPoint PPT presentation | free to view

La nouvelle plateforme de dveloppement de Microsoft PowerPoint PPT Presentation

La nouvelle plateforme de dveloppement de Microsoft - Apr 00. SOAP 1.1. Nov 00. XKMS 1.0. Dec 00. SOAP with. Attachments. Submission. Mar 01. WSDL 1.1 ... Apr 01. SOAP. Toolkit. v2. Jun 01. VS.NET. b2. Agenda. Un peu d'histoire... | PowerPoint PPT presentation | free to view

July 25, Agenda PowerPoint PPT Presentation

July 25, Agenda - MSG: Arvola Chan, Pete Wenzel, Sinisa Zimek. Registry see Negotiation. SAML-see security ... RosettaNet: Pete Wenzel. W3C: Web Services, XKMS, XMLenc,XMLP. IETF ... | PowerPoint PPT presentation | free to view

ICS 484 Arabization of Computers ??????? ??????? (????? ????????) PowerPoint PPT Presentation

ICS 484 Arabization of Computers ??????? ??????? (????? ????????) - ICS 484 Arabization of Computers ( ) 214131 | PowerPoint PPT presentation | free to view

Network%20Shared%20Services PowerPoint PPT Presentation

Network%20Shared%20Services - Shared Services Network Authentication and Authorization Services Exchange Network Discovery Service ... for Secure Web Services ... UDDI Operating Model UDDI.EPA.GOV ... | PowerPoint PPT presentation | free to view

XML Key Management Services Tutorial PowerPoint PPT Presentation

XML Key Management Services Tutorial - Make PKI-based security easier to use. Address multi-vendor, cross-plat issues ... Set the service URL. Understand supported KeyInfo elements ... | PowerPoint PPT presentation | free to view

XML Key Management Requirements PowerPoint PPT Presentation

XML Key Management Requirements - Define private key POP mechanism for both signing and encryption keys ... Web based, incl namespace and XML schema. XML DigSig for signed requests/responses ... | PowerPoint PPT presentation | free to view

SWEB Security and Privacy Technologies PowerPoint PPT Presentation

SWEB Security and Privacy Technologies - SWEB Security and Privacy Technologies Implementation Aspects Venue: SWEB Day in APV, Novi Sad Author(s): Dr. Milan Markovi Organisations: MISANU Belgrade | PowerPoint PPT presentation | free to view

NAAS 2.0 Features and Enhancements PowerPoint PPT Presentation

NAAS 2.0 Features and Enhancements - Enhancements. Incorporates the latest federal cryptographic standards (FIPS) ... Can establish trust with other credential providers through token sharing and ... | PowerPoint PPT presentation | free to view

XML Security PowerPoint PPT Presentation

XML Security - XML Security By Rami Amar January 2003 Introduction XML is a growing standard Security integration is essential XML Security combines legacy cryptographic ... | PowerPoint PPT presentation | free to view

XML Security PowerPoint PPT Presentation

XML Security - ATTLIST book isbn CDATA '0' bookstore name Mike's Store /name topic name XML /name ... book /topic /bookstore 7 of 50 xsd:complexType name='topicType' ... | PowerPoint PPT presentation | free to view

T-110.455 Network Application Frameworks and XML Summary and Conclusions 27.04.2005 Sasu Tarkoma PowerPoint PPT Presentation

T-110.455 Network Application Frameworks and XML Summary and Conclusions 27.04.2005 Sasu Tarkoma - T-110.455 Network Application Frameworks and XML Summary and Conclusions 27.04.2005 Sasu Tarkoma | PowerPoint PPT presentation | free to view

E-Commerce Security PowerPoint PPT Presentation

E-Commerce Security - What does the future hold for this issue? What is E-Commerce? ... can lead to identity theft, credit card theft, vulnerable bank accounts, etc ... | PowerPoint PPT presentation | free to view

Standards and Protocols PowerPoint PPT Presentation

Standards and Protocols - Standards and Protocols Chapter 7 | PowerPoint PPT presentation | free to view

Semantically Enriching Access Control Rules for Web Services PowerPoint PPT Presentation

Semantically Enriching Access Control Rules for Web Services - ISWDS 2005, Galway, Ireland. Brian Shields. 2. Overview ... ISWDS 2005, Galway, Ireland. Brian Shields. 5. Methodology. Research part of the iWise project ... | PowerPoint PPT presentation | free to view

Web Services Security PowerPoint PPT Presentation

Web Services Security - authentication: how do I know your identity is true? authorization: are you allowed ... no authorization, auditing, non-repudiation. Limitation 2: Protocol translation ... | PowerPoint PPT presentation | free to view

Web%20Services%20and%20Web%20Services%20Security%20Presented%20August%207,%202004%20at%20AMCIS2004%20New%20York,%20New%20York%20by%20Dr.%20Robert%20J.%20Boncella%20Washburn%20University PowerPoint PPT Presentation

Web%20Services%20and%20Web%20Services%20Security%20Presented%20August%207,%202004%20at%20AMCIS2004%20New%20York,%20New%20York%20by%20Dr.%20Robert%20J.%20Boncella%20Washburn%20University - Dr. Robert J. Boncella. Washburn University. 2. Overview of Presentation ... Ford, W., Hallam-Baker, P., Fox, B., Dillaway, B., LaMacchia, B., Epstein, J. ... | PowerPoint PPT presentation | free to view

Patterns%20for%20Web%20Services%20Security%20Standards PowerPoint PPT Presentation

Patterns%20for%20Web%20Services%20Security%20Standards - WS-Federation: Active Requestor Profile. WS-Federation: Passive Requestor Profile. WS-Signature ... OASIS Specification. Latest Version: WS-Security 1.1 ... | PowerPoint PPT presentation | free to view

Authentication Approaches PowerPoint PPT Presentation

Authentication Approaches - Allow all mail from hotmail.com, they use rate limiting' Allows more aggressive criteria ... Con: Only works if mail from domain is relayed. Generalized ... | PowerPoint PPT presentation | free to view

NSI: A Client-Server-Model for PKI Services PowerPoint PPT Presentation

NSI: A Client-Server-Model for PKI Services - PKIs setup by companies and organizations. Allow certificates to be issued and retrieved ... No longer need to reconfigure every client when PKI or policy changes ... | PowerPoint PPT presentation | free to view

ServiceOriented AI PowerPoint PPT Presentation

ServiceOriented AI - ... for describing web services on the lines of previously used IDL in COM/CORBA ... WSDL works with network end-points (ports) abstractions ... | PowerPoint PPT presentation | free to view

Tech Tuesday Presents XMLPKI Security Law Enforcement Prototype PowerPoint PPT Presentation

Tech Tuesday Presents XMLPKI Security Law Enforcement Prototype - SOAP (Simple Object Access Protocol) XML (eXtensible Markup Language) ... Request via Mobile Digital Computer to local agency. 3. ... | PowerPoint PPT presentation | free to view

Concepts of Network Security and Intrusion Detection PowerPoint PPT Presentation

Concepts of Network Security and Intrusion Detection - Title: Improved Thumbprint and Its Application for Intrusion Detection Author: jhyang Last modified by: UMES Created Date: 6/4/2005 9:16:29 PM Document presentation ... | PowerPoint PPT presentation | free to view