Chapter 5: XML Encryption


Overview

Question: What does it mean when a computer is termed “secure?” Simson Garfinkel and Gene Spafford write in their book, Practical UNIX & Internet Security, that “a computer is secure if you can depend on it and its software to behave as you expect.” This is a neat definition that gets across an important point that is sometimes forgotten in the information security industry: that security is implemented in the context of a system, not just for its own sake. That’s the definition from industry experts. Now, ask a person on the street what it means when a computer is “secure.” Chances are, you will hear an answer that mentions encryption—“it’s secure if the files on it are encrypted.” Ask what else is involved in making the computer secure and you will probably get a blank look.

This tight link between security and encryption in the public mind might be because of science-fiction novels and movies involving code breaking, or real-life characters such as the code breakers of World War II. In any case, we have seen that there is more to security than encryption. In fact, there is more to cryptography than encryption. In Chapter 4, we saw how cryptography is used for the high-level security principles of integrity and nonrepudiation, using XML Signature. In Chapter 2 we saw what encryption is, and how it can be divided into symmetric (one key) and asymmetric (two keys) encryption. We saw how it is one option for satisfying the high-level security principle of confidentiality. The other option is to impose tight access control over the data, or use an air gap to keep the data totally separate from a network.

This chapter builds on Chapter 2 to explain what XML Encryption is, and what it isn’t. We’ll see what it is used for in the world of Web Services. Finally, we’ll see some code examples. At no point do we need to drop down into the actual cryptography, but some knowledge of the cryptographic principles from Chapter 2 is certainly useful.




Web Services Security
ISBN: 0072224711
EAN: 2147483647
Year: 2003
Pages: 105
Authors: Mark O'Neill
