 |
Further
Reading ...
|
|
Should Meta Tags Be Used With Search Engine Optimization?
I deal with many questions from curious website owners everyday. One question I have a new answer for is, "Should I use META tags on my site when do search engine optimization?" Old Answer: It couldn't hurt, but don't worry about them, the search...
How to REALLY Profit from SEO
I want to give you a few more things to think about as you excel and grow in the craft of search engine marketing. If you are anything like me, you were hooked the first time you really made a difference to someone else's success. I soon realized...
Scrap booking Online: Word Perfect or Corel Graphics Suite?
Scrapbooks are very popular these days. I think that almost everyone wanted to capture family histories and stories in any which way they can. And with the onset of digital technology, scrap booking has even extended to newsletters and journals with...
How to succeed with the Search Engines
The Cold Hard Facts….. One of the most important factors in being successful in your business is to learn how to rank high in the search engines. It has been said that the search engines can account for as much as 95% of all the traffic to...
|
|
|
Digital Signaturesin xml
|
 |
Written By:
Pawan Bangar
|
|
|
The Xml Digital Signatures provides the security services of data integrity, authentication, and nonrepudiation.
In a simple shorthand notation the structures of DSIG signatures with its four elements. Elements appear zero or more times if followed by "*", zero or once if followed by"?", and once or more if followed by "+". When not followed by a symbol, elements appear only once.
Removing attributes and contents in the notation it becomes an example of signature object using three of its four elements.
The signature object contains the cryptographic hash of any signed information, and a reference to the information itself. The signed information may be an arbitrary document. However, often, it will be an XML object. The ability to sign only specific elements of XML documents is one of the most important features of DSIG. It lets the unsigned parts of the XML document is enhanced, modified, or removed for privacy or efficiency, keeping the signature valid.
DSIG signatures may contain either the signed XML object contained in the XML object, or detached from the signed object or document. When the signed XML object envelops the signature, the enveloped signature value itself is not included in the signature calculation and validation computation. For this you use the enveloped-signature transform, removing the whole signature element in which it is contained from the digest calculation.
Public key digital signatures that provide nonrepudiation, such as RSA, are computationally intensive operations; therefore, DSIG also allows shared-key authentication that provides authentication but nonrepudiation.
Collision resistant hashing of the signed content is also used to save computational requirements.
Generating DSIG signatures:
1. Identity resources to be signed.
2. Calculating the digest value and composing reference elements for each resource.
3. - continued below ...
|
|
|
continued ...
Composing the signed info element from all references.
4. Computing value of signature method over identity resources to be signed element by applying algorithms like DSA, RSA-SHA1, etc
5. Composing the signature elements with signedInfo, signature value, identity key used to sign, and other optional objects like signature properties.
An XML DSIG may contain multiple reference elements in the same document
DSIG signatures may contain either the signed XML object contained in the XML object, or detached from the signed object or document. When the signed XML object envelops the signature, the enveloped signature value itself is not included in the signature calculation and validation computation. For this you use the enveloped-signature transform, removing the whole signature element in which it is contained from the digest calculation.
Public key digital signatures that provide nonrepudiation, such as RSA, are computationally intensive operations; therefore, DSIG also allows shared-key authentication that provides authentication but nonrepudiation.
Collision resistant hashing of the signed content is also used to save computational requirements.
Generating DSIG signatures:
1. Identity resources to be signed.
2. Calculating the digest value and composing reference elements for each resource.
3. Composing the signed info element from all references.
4. Computing value of signature method over identity resources to be signed element by applying algorithms like DSA, RSA-SHA1, etc
5. Composing the signature elements with signedInfo, signature value, identity key used to sign, and other optional objects like signature properties.
An XML DSIG may contain multiple reference elements in the same document.
About the Author
Pawan Bangar,
Technical Director,
Birbals,
#1047,Sector 42-b,
Chandigarh.
www.ebirbals.com
www.birbals.com
|
|
|
|
 |
|
|
| _Additional Resources ... |
|
Spyware : An Internet Plague
As spyware threats continue to grow the methods by which users are infected becomes less and less difficult. It no longer takes physical access to a computer nor do users have to click on an ad or email attachment to install the malicious...
I Still Have To Send Out Invitations!
Party coming up? Need to mail those invitations asap? Not to worry! Use your computer to create them! Making your own invitation is like picking the right card for the person you are sending it to. Your design can show what type of event and the...
Internet Terminology
The first step to navigating your way around the internet is to understand the lingo. The first time I used the internet I was mystified. I thought “are all these people speaking Greek or gibberish?” I soon learned that the internet is a separate...
|
|
|
|
|
|
|
|
|
|
