Bhargavan et al., 2005 - Google Patents
A semantics for web services authenticationBhargavan et al., 2005
View PDF- Document ID
- 2749939072257940116
- Author
- Bhargavan K
- Fournet C
- Gordon A
- Publication year
- Publication venue
- Theoretical Computer Science
External Links
Snippet
We consider the problem of specifying and verifying cryptographic security protocols for XML web services. The security specification WS-Security describes a range of XML security elements, such as username tokens, public-key certificates, and digital signatures …
- 238000000034 method 0 description 84
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bhargavan et al. | A semantics for web services authentication | |
| Bhargavan et al. | TulaFale: A security tool for web services | |
| US7774831B2 (en) | Methods and apparatus for processing markup language messages in a network | |
| US7536712B2 (en) | Flexible electronic message security mechanism | |
| Jager et al. | How to break XML encryption | |
| Bhargavan et al. | Secure sessions for web services | |
| US20030204719A1 (en) | Application layer security method and system | |
| US7293283B2 (en) | Flexible electronic message security mechanism | |
| US20040078577A1 (en) | Method and apparatus for providing xml document encryption | |
| Bhargavan et al. | A semantics for web services authentication | |
| Alber et al. | Adapting the TPL trust policy language for a self-sovereign identity world | |
| Rahaman et al. | An inline approach for secure soap requests and early validation | |
| Gruschka et al. | Event-Based SOAP Message Validation for WS-SecurityPolicy-Enriched Web Services. | |
| Bartel et al. | XML signature syntax and processing version 1.1 | |
| Sinha et al. | A formal solution to rewriting attacks on SOAP messages | |
| Backes et al. | Tailoring the dolev-yao abstraction to web services realities | |
| Mainka et al. | XSpRES-Robust and Effective XML Signatures for Web Services. | |
| Patel et al. | Attacks on web services and mitigation schemes | |
| Kleiner et al. | Web services security: A preliminary study using Casper and FDR | |
| Mainka | Automatic Penetration Test Tool for Detection of XML Signature Wrapping Attacks in Web Services | |
| Gennai et al. | A certified email system for the public administration in Italy | |
| Hamouda | An Ontology-Based Approach for Detecting Soap Message Attacks | |
| Indrakanti | Service Oriented Architecture Security Risks and their Mitigation | |
| Teraguchi et al. | Optimized web services security performance with differential parsing | |
| Aljawarneh et al. | Security policy framework and algorithms for web server content protection |