
WS-SecureConversation - PowerPoint PPT Presentation



WS-SecureConversation. Vidya Iyer 3/11/06. Web services. SecureConversation. End-to-end security Leverages SSL, and Kerberos Leverages XMLENC and XMLDSIG Establishes contexts for convenient multi-message communication Initial overhead to establish context, then faster communication.

Presentation Transcript

WS-SecureConversation

Vidya Iyer

3/11/06



SecureConversation

  • End-to-end security

  • Leverages SSL and Kerberos

  • Leverages XMLENC and XMLDSIG

  • Establishes contexts for convenient multi-message communication

  • Initial overhead to establish context, then faster communication


Terms

  • Security Token – security-related information (e.g. X.509 certificate, Kerberos ticket, username)

  • Security Context – established authenticated state and related keys

  • Security Context Token – URI representation of Security Context



Changing contexts

  • Amending, renewing and cancelling contexts

  • Requester sends the Amend URI: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Amend

  • Along with proof of possession of the key

  • Recipients authenticate request and update their context

  • Same for Renew, Cancel


Deriving keys

  • It is common to use security contexts to agree on pseudorandom generators for deriving keys

  • Uses the DerivedKeyToken syntax

  • Syntax is agnostic to key derivation scheme

  • No need to send key material
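
An added example, not part of the original slides: how both parties can derive the same key from a security context secret without sending key material. It assumes the P_SHA-1 scheme from TLS 1.0, which the WS-SecureConversation specification defines as its default (the slides name no scheme); the default label and the nonce/offset/length/generation parameters come from that specification, and the secret and nonce values are constructed samples.

```python
import hashlib
import hmac
import os

# Default label from the WS-SecureConversation specification (not stated on the slides).
DEFAULT_LABEL = b"WS-SecureConversationWS-SecureConversation"


def p_sha1(secret: bytes, seed: bytes, nbytes: int) -> bytes:
    """P_SHA-1 expansion from TLS 1.0 (RFC 2246, section 5)."""
    out, a = b"", seed                                   # A(0) = seed
    while len(out) < nbytes:
        a = hmac.new(secret, a, hashlib.sha1).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()
    return out[:nbytes]


def derive_key(secret, nonce, label=DEFAULT_LABEL, offset=0, length=32, generation=None):
    """Derive a key from the context secret using DerivedKeyToken parameters."""
    if not secret or not nonce:
        raise ValueError("context secret and nonce are both required")
    if offset < 0 or length <= 0:
        raise ValueError("offset must be >= 0 and length must be > 0")
    if generation is not None:
        if generation < 0:
            raise ValueError("generation must be >= 0")
        offset = generation * length    # fixed-size keys: generation selects the slice
    stream = p_sha1(secret, label + nonce, offset + length)
    return stream[offset:offset + length]


def demo():
    """Both parties hold the context secret; only the token parameters are sent."""
    context_secret = os.urandom(32)     # constructed sample: secret agreed with the context
    token = {"nonce": os.urandom(16), "length": 16, "generation": 1}  # travels in the message
    requester_key = derive_key(context_secret, **token)
    recipient_key = derive_key(context_secret, **token)
    return hmac.compare_digest(requester_key, recipient_key), len(recipient_key)


if __name__ == "__main__":
    print(demo())
```

Using a fresh nonce per derived key (for example, one for signing and one for encryption) yields independent keys from the same context secret.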


Benefits over SSL

  • End-to-end security

  • XML aware

  • Selective encryption

  • Easier to nullify existing contexts


