Index_C


C

C# code, validating XML Signature in (example), 80–81

CA (Certificate Authority) and public key infrastructure, 29–31. See also keys

canonicalization, 69–70

exclusive canonicalization, 70

namespace problems with, 70

and PKCS#7, 70

and XML processing, 69–70

<CanonicalizationMethod>, 240

case studies

foreign exchange transactions, 287–290

local government service portal, 286–287

XML gateway rollout. See XML gateway rollout (case study)

categoryBag, 230

CBC (Cipher Block Chaining), 90

certificates. See also PKI (Public Key Infrastructure)

Kohnfelder proposal for, 138

PKI management of, 139

CheckSignature, 80

CipherValue/CipherReference, 89

circle of trust, 205

C14N (canonicalization). See canonicalization

ComputeSignature, 80

<Conditions>, 107

confidentiality. See also encryption; security

in ebXML, 254, 256

persistent confidentiality, 53

use of SSL for, 38

in XACML, 135

contracts/contract law. See also SAML (Security Assertion Markup Language)

“accept” button, caveats about, 280

acceptance, 262

agreements: what was agreed?, 266–267

agreements: when was it agreed?, 268

agreements: who agreed to it?, 268–269

audit trails, trustworthy, 269–270

authenticating acts, 275–276

biometrics, 34, 278–279

casual queries, 280

checklist, 282–283

consideration, 262

contacts, 229

contracts, legal components of, 261–262

data protection laws, EU and U.S., 270

digital certificates, corroborative, 273, 274

digital certificates, disposable, 274

digital certificates, stand-alone, 273, 274

digital signatures: dispelling the myths, 264–266

digital signatures, hierarchy of, 273–274

digital signatures: legally neutral vs. secured, 272–273

digital signatures, timestamps on, 268

digital signatures vs. digitized electronic signatures, 264

digital signing and key-pair system, 262–264

GUI disability laws, 280

intention to create legal relations, 262

international laws, note on, 272

legal components, a primer of, 261–262

legal security is holistic, 280

litigation planning, 280

“nonce” in messages, 268

offer, 262

online contracting and online security, 261

quaint early legal requirements, 265

SAML, value of, 278

SAML as messenger, not guarantor, 276–277

SAML assertions, securing, 277

SAML assertions and liability, 277

SAML assertions and profiles, 274–275

security, 260–261, 281–282

shared cultural assumptions, importance of, 280–281

“signature,” legal interpretations of, 265

SSL, contractual effect/security of, 278

transport level security vs. full end-to-end security, 266–267

unwanted contracts, 280

Web Services: legally relevant technical trends, 270–271

Web Services architecture, evidential credibility of, 271–272

cookies, Passport, 189–190

MSP Auth cookies, 188

user ID value, 191

CORBA (Common Object Request Broker Architecture), and firewalls, 5




Web Services Security
ISBN: 0072224711
EAN: 2147483647
Year: 2003
Pages: 105
Authors: Mark O'Neill
