|
ebXML (electronic business XML), 250. See also XML (eXtensible Markup Language)
authorization and authentication in, 254, 256
business process module in, 250
collaboration protocol profile and agreement in, 250
data integrity and/or confidentiality in, 254, 256
DoS and/or spoofing in, 254
and message security, 254, 257
message service module, 251
messaging service vulnerabilities, 254
nonpersistent authentication/integrity, 256
persistent digital signature, 256
persistent signed receipt, 256
registry access control, 253
registry content security, 253
registry information and services, 251
registry security, broad-brush level of, 253
registry security standards and requirements, 251
security, 251
signature algorithm DSA-SHA1.ebXML, 255
standards, 255
trusted time stamps, 256
XPath transform in, 255
EDI (Electronic Document Interchange)
disadvantages of, 7
EDI fragment, XML restructuring of, 7
semantic information in, 7
syntax, structural rules for, 6–7
XML implementation of, 12
encryption, 23. See also keys; security; S/MIME; XML Signature; XML Encryption
AES (Advanced Encryption Standard), 25, 91
asymmetric encryption, 26–27, 28
authentication, 32–33
backdoors, 24
and computer security, 84
cryptanalysis, 24
and data digests, 27
DES (Data Encryption Standard), 25, 90–91, 96–97
digital signatures, 28–29
and hashing algorithms, 27
IV (Initialization Vector), 24, 91–92
keyspace, 24–25
nonrepudiation, 29
persistent encryption, 84–85
plaintext vs. cybertext, 23
RSA algorithms, 26
symmetric encryption, 25–26
terminology of, 23–25
WS-Security, functional description of, 52
|