Advertisement

XML Signatures in an Enterprise Service Bus Environment

  • Eckehard Hermann
  • Dieter Kessler
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3677)

Abstract

The goal of service oriented architectures (SOA) is to allow a message based and loosely coupled interaction between different web services. This approach allows the orchestration of web services in distributed, heterogeneous applications where the different services can be implemented in different programming languages, run on different machines and be based on different protocols. The adoption of web services to integrate systems within an organization and with partners is strongly dependent on the security standards that accompany service oriented architectures (SOA). The XML (Extensible Markup Language) Signature standard plays a key role here. For protecting such a distributed application, XML Signatures are used on several levels and for different challenges, for example to guarantee the integrity and authenticity of the exchanged messages and their authentication information, as well as the audit trails and to provide non-repudiation. The paper describes the role of XML Signatures for protecting Enterprise Service Bus (ESB) based SOA applications.

References

  1. 1.
    Kollmorgen, R., Kessler, D., Hermann, E., Jung, F.: Digital signatures in XML, http://asia.cnet.com/builder/architect/system/0,39009336,39100045,00.htm
  2. 2.
    XML Signature Syntax and Processing, http://www.w3.org/TR/xmldsig-core/
  3. 3.
    Kuznetsov, E.: XML Web services security best practices, http://www.builderau.com.au/manage/work/0,39024674,39130825,00.htm
  4. 4.
    Liberty ID_FF Architecture Overview, Version: 1.2-errata-v1.0, http://www.projectliberty.org/specs/draft-liberty-idff-arch-overview-1.2-errata-v1.0.pdf
  5. 5.
    Software AG ESI Security and SOA Security white papers, http://www.softwareag.com
  6. 6.
  7. 7.
  8. 8.
    Long-term Archive And Notary Services (LTANS) Internet-Draft, http://ietfreport.isoc.org/ids/draft-ietf-ltans-ers-02.txt
  9. 9.
  10. 10.
    IETF Working Group on Transport Layer Security, http://www1.treese.org/ietf-tls/

Copyright information

© IFIP International Federation for Information Processing 2005

Authors and Affiliations

  • Eckehard Hermann
    • 1
  • Dieter Kessler
    • 1
  1. 1.Research & Development XML IntegrationDarmstadtGermany

Personalised recommendations