XML Key Management Protocol for Secure Web Service

  1. Submitted By: Md. Hasan Basri, Reg. No.: 1010048, Roll: 700030, Session: 2006-2007, Department of Computer Science, IST, National University Bangladesh. Supervised By: A.N.M Khaleqdad Khan, Assistant Professor, Department of Computer Science, Institute of Science and Technology (IST), National University Bangladesh.
  2. “Without Trust and Security, Web Services are Dead on Arrival.” - Phillip Hallam-Baker
  3. Providing a key management specification for secure web service communication considering the principle of symmetric key cryptography.
  4.
     • Security Requirements
     • Public Key Infrastructure (PKI) Challenge
     • What is XML Key Management Services (XKMS)
     • XKMS Basic Services (Advantages, PKI Essentials)
     • XML Signature using XKMS
     • XML Encryption using XKMS
     • Authentication using XKMS
     • Interaction with XKMS
     • Conclusion
  5.
     • Secure Authentication Requirement: Password-based authentication is weak, costly, and difficult to manage
     • Message Security: Message-level confidentiality and non-repudiation needed
     • Payload Security: Confidential business information (CBI) may require submissions to be signed and encrypted
  6.
     • Very complicated technology with some proprietary implementations
     • Non-standard interface, difficult to use, deploy, and maintain
     • Very high cost of acquisition, support, and operation
     • Very low interoperability (no PKI standard interfaces)
     • Certificate validation is very challenging
  7.
     • A World Wide Web Consortium (W3C) standard, XKMS 2.0, is finalized
     • A central key depository with Web service interface to PKI
     • Vendor-neutral PKI solution for public key and certificate management
     • A very simple access model
     • Foundation for secure Web services (XML signature, XML encryption, XKMS)
     • XKMS will be the PKI solution to the Exchange Network, and the key element to a strong security model.
  8.
     • XKMS Advantages
       – A Web service interface to PKI technologies, accessible to any application on the Internet
       – Vendor-neutral PKI solution for public key and certificate management
       – Dramatically reduces cost of PKI. Keys can be generated and registered at any time on any machine
       – Online real-time key/certificate validation using a simple Web method
  9.
     • PKI Essentials
       – A key is generated and broken up into two pieces: Public Key and Private Key
       – The Private Key never leaves your machine; the Public Key can be shared with anyone
       – When data is encrypted using one key, it can only be decrypted using the other
       – Encryption: Encrypt data using the receiver’s Public Key
       – Signature: Encrypt data using your Private Key
  10.
     • XML Key Information Services (XKISS) – Locate and validate Public Keys
     • XML Key Registration Services (XKRSS) – Register, revoke, recover, and reissue public keys or X.509 certificates
     • Secure key exchange with XML encryption and signature
     • All operations are defined as Web service methods
  11.
     • A document is signed using the Private Key and key information (KeyName, KeyValue)
     • The receiver locates / validates the Public Key used for the signature from an XKMS server
     • The receiver verifies the signature using the valid key
  12.
     • The sender locates the receiver’s Public Key from an XKMS server
     • The sender encrypts a document using the receiver’s Public Key
     • The receiver decrypts the document using the Private Key
  13.
     • A user registers a Public Key in XKMS
     • The user creates an Authenticate message and signs the message using the Private Key
     • Network Authentication and Authorization Server (NAAS) locates / validates the user’s Public Key from XKMS
     • NAAS verifies the signature. The user is authenticated, as the holder of the Private Key, if the signature is valid
  14.
     • XKMS is the foundation for secure exchanges in the network – basic component for XML encryption and signature
     • XKMS provides a simple standard interface to PKI
     • Network XKMS services will be available to all network nodes and node clients
     • XKMS will be integrated into NAAS for key-based authentication
     • XKMS is the PKI solution without the PKI complexity and cost
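The locate / validate step that slides 11 and 13 rely on, sketched as an added example (not code from the presentation): it builds an XKISS `ValidateRequest` for the `KeyName` taken from a signature and accepts the key only when the `ValidateResult` reports it as Valid for signature use. The key name `urn:example:alice`, the service URL and the sample responses are constructed; the sketch assumes the response has already arrived over an authenticated channel or had its own signature checked.

```python
import secrets
import xml.etree.ElementTree as ET  # production code should use a hardened XML parser

XKMS = "http://www.w3.org/2002/03/xkms#"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"x": XKMS, "ds": DS}

def build_validate_request(key_name, service_url):
    """Build an XKISS ValidateRequest for the KeyName found in a signature's KeyInfo."""
    req_id = "I" + secrets.token_hex(16)  # fresh Id, echoed back as RequestId
    req = ET.Element(f"{{{XKMS}}}ValidateRequest", {"Id": req_id, "Service": service_url})
    ET.SubElement(req, f"{{{XKMS}}}RespondWith").text = XKMS + "KeyValue"
    qkb = ET.SubElement(req, f"{{{XKMS}}}QueryKeyBinding")
    key_info = ET.SubElement(qkb, f"{{{DS}}}KeyInfo")
    ET.SubElement(key_info, f"{{{DS}}}KeyName").text = key_name
    ET.SubElement(qkb, f"{{{XKMS}}}KeyUsage").text = XKMS + "Signature"
    return req_id, ET.tostring(req, encoding="unicode")

def key_is_trusted(result_xml, req_id, key_name):
    """True only for a successful ValidateResult that answers our request and
    binds key_name with status Valid for Signature use. Everything else fails closed."""
    try:
        root = ET.fromstring(result_xml)
    except ET.ParseError:
        return False
    if root.tag != f"{{{XKMS}}}ValidateResult":
        return False
    if root.get("ResultMajor") != XKMS + "Success" or root.get("RequestId") != req_id:
        return False
    for kb in root.findall("x:KeyBinding", NS):
        status = kb.find("x:Status", NS)
        usages = [u.text for u in kb.findall("x:KeyUsage", NS)]
        if (kb.findtext("ds:KeyInfo/ds:KeyName", namespaces=NS) == key_name
                and status is not None
                and status.get("StatusValue") == XKMS + "Valid"  # not Invalid/Indeterminate
                and XKMS + "Signature" in usages):
            return True
    return False

def sample_result(req_id, status, usage="Signature", name="urn:example:alice"):
    """Constructed ValidateResult for the demo; a real one comes from the XKMS server."""
    return (f'<ValidateResult xmlns="{XKMS}" xmlns:ds="{DS}" Id="R1" '
            f'Service="https://xkms.example/xkms" RequestId="{req_id}" '
            f'ResultMajor="{XKMS}Success"><KeyBinding Id="K1">'
            f'<ds:KeyInfo><ds:KeyName>{name}</ds:KeyName></ds:KeyInfo>'
            f'<KeyUsage>{XKMS}{usage}</KeyUsage>'
            f'<Status StatusValue="{XKMS}{status}"/></KeyBinding></ValidateResult>')
```

Only after `key_is_trusted` returns true should the receiver (or NAAS) go on to verify the XML signature with the returned key; an Indeterminate status or a mismatched `RequestId` is treated the same as Invalid.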
