Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ECOWS
2007
Springer
2007
Springer
SSL-over-SOAP: Towards a Token-based Key Establishment Framework for Web Services
Key establishment is essential for many applications of cryptography. Its purpose is to negotiate keys for other cryptographic schemes, usually for encryption and authentication. In a web services context, WS-SecureConversation has been specified to make use of negotiated keys. The most popular key establishment scheme in the Internet is the (handshake protocol of the) Secure Socket Layer or Transport Layer Security protocol (SSL/TLS). However, SSL/TLS has primarily been designed to secure HTTP, by encrypting and authenticating TCP connections. It is thus not usable to negotiate keys in SOAP connections with intermediaries. We propose SSL-over-SOAP, a family of key establishment protocols for Web services. It is based the design of the SSL handshake, so security analysis results for standard SSL/TLS apply to our new proposal. We have implemented this protocol in the framework of WS-Trust and WS-SecureConversation.
Real-time TrafficECOWS 2007 | Internet Technology | Key Establishment | Key Establishment Scheme | Transport Layer Security Protocol |
| Added | 18 Oct 2010 |
| Updated | 18 Oct 2010 |
| Type | Conference |
| Year | 2007 |
| Where | ECOWS |
| Authors | Sebastian Gajek, Lijun Liao, Bodo Möller, Jörg Schwenk |
Comments (0)
Researcher Info
|
