Index

S

SAML (Security Assertion Markup Language), 54. See also contracts/contract law

access control types in, 112–113

architecture of, 109–110

assertions in, 54, 102, 274–275

assertions and liability, 277

assertions, securing, 277

AttributeQuery XML, 115–117

authentication methods supported by, 108

authentication scenario, typical code for, 111–112

authorization decision request (sample code), 132–133

checklist for, 118

commercial products supporting, 113

deploying, 113

and “distributed trust,” 274

legal value of, 278

as messenger, not guarantor, 276–277

Microsoft support of, 113

and PDP/PEP, 35, 109, 110–111

and portable trust, 54, 102–103

role in UDDI, 243–244

SAML request in UDDI, sample code for, 244–246

VeriSign Trust Services Integration Kit, 114

and WS-Security (sample code for), 178–179

XACML, commonality with, 128

saml:NameIdentifier, 224

save_binding, 235

save_business, 235

save_service, 235

save_tModel, 235

script kiddies, 56

security, 22, 260–261. See also authentication and authorization; contracts/contract law; encryption; firewalls; .NET (Microsoft); .NET servers; SOAP (Simple Object Access Protocol)

anticipated and managed failure of, 281–282

application-layer security, 55–57

and biometrics, 34, 278–279

buffer overflow attacks, 56

computer security, 84

confidentiality, use of SSL in, 38

content-filtering security at application layer, 58–60

and contract law, 260–261

directory traversal attacks, 56

DoS (Denial of Service) attacks, 36

end-user based security, 43–44

firewalls, choosing/configuring, 37–38

multiple security contexts, 47–48

OSI (Open System Interconnect), 37

Padlock icon, 23

PDP (Policy Decision Point), 35

PEP (Policy Enforcement Point), 35

persistent security, 51–52

RBAC (role-based access control), 35, 121

script kiddies, 56

session and transport layers, 38

shared cultural assumptions, importance of, 280–281

smartcards, 33–34

S/MIME application layer, 39, 53

SOAP implementations, vulnerability of, 57

SOAP security, challenge of, 42–43

SOAP worms, 57

SQL attacks, 56, 196–198

tickerSymbol, vulnerability of, 59

transport level security vs. full end-to-end security, 266–267

URL string attacks, 56

Web Services, security challenges of, 43

in XACML, 134–137

XML Schema, advantages of, 10

servers. See .NET servers

service provider, 205

serviceKey, 230

SessionIndex, 212, 225

set_publisherAssertions, 236

<SignatureMethod>, 240

signatures, digital. See contracts/contract law

<SignatureValue>, 241

<SignedInfo>, 240

SigningKey, 80

SingleLogoutProtocolProfile, 207

SingleLogoutServiceURL, 207

smartcards, 33–34

S/MIME

as pre-XML Encryption standard, 53

as secure application layer, 39

use of PKCS#7 in, 39, 66–67

SOA (Service Oriented Architecture), 5

SOAP (Simple Object Access Protocol). See also encryption; security; WS-Security; XML (various)

advantages over SOA, 11

in B2B implementations, 11–12

and end-user security, 43–44

filtering SOAP requests by XML Firewall, XML proxy, 57

firewalls and SOAP filtering, 58–60, 292

“get time” request, 59

implementations, vulnerability of, 57

message syntax, analysis of, 16–17

and multiple security contexts, 47–48

requests, order of execution of (in XACML), 128–130

requests, processing in XACML, 131–133

“reset computer” request, 59–60

routing among multiple parties, 17–18

routing between multiple Web services, 48–50

SAML data/assertions in, 54, 102, 106

SOAP Fault message analysis, 18–19

SOAP messages and WS-Security, 52

SOAP security, challenge of, 42–43

SOAP worms, 57

WS-Security, 52

as XML enveloping technology, 11

SOAPAssertionProviderFactory, 114

SoapEndpoint, 207

SOAP-SEC, and replay attacks, 77

SPKI (Simple Public Key Infrastructure), 139. See also keys; PKI (Public Key Infrastructure)

SPProviderNameIdentifier, 217

SSL (Secure Sockets Layer)

and confidentiality, authentication, 38

contractual effect/security of, 278

in navigating firewalls, 4–5

practicality of, 51

SSO (Single Sign-On), 53–54. See also Liberty Alliance Project

and the Liberty Alliance Project, 54–55, 209–210

Passport technology approach to, 54

and SAML, 54

<Statement>, 107

static binding. See binding, dynamic/static

structured documents

EDI vs. XML (example), 6–7

using XML DTDs, 8–9

using XML Schema, 9–10

Subject, 245

<Subject>, 107

<SubjectConfirmation>, 108

<SubjectLocality>, 108

<SubjectStatement>, 107

Susskind, Richard E., 260


Web Services Security
ISBN: 0072224711
Year: 2003
Pages: 105
Authors: Mark O'Neill
