Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Web Related >> SOAP
  2. Suggest New Category

How to use SOAP-DSIG and SSL for non-repudiation?

Question Posted / supra

Answer Posted / supra

SOAP-DSIG is used to satisfy the message authentication
requirement. It is important to note that you can use SOAP-
DSIG and SSL simultaneously by exchanging


the above HTTP messages over SSL.





Technology Satisfied security requirements
SSL Confidentiality, sender/recipient authentication, and
message authentication by MAC
SOAP-DSIG Message authentication by digital signature and
MAC


SSL provides confidentiality and sender/recipient
authentication. SSL also has functionality for adding MACs
to transmitted messages. On the other hand,


SOAP-DSIG can be used to add not only MACs but also digital
signatures to transmitted messages, but it is not
sufficient for sender/recipient authentication


because it is vulnerable to attacks such as replay attacks.
Therefore, SOAP-DSIG and SSL complement the functionalities
that the other system lacks.



Remember that in order to satisfy the requirement
of non-repudiation, at a minimum you need to simultaneously
guarantee both message authentication by using a

digital signature and sender authentication.
Therefore, using SOAP-DSIG and SSL (with client
authentication) simultaneously is the first step towards
realizing non- repudiation. Specifically, you use
SOAP-DSIG for message authentication by using a digital
signature and SSL client/server authentication for
sender/recipient authentication.

Is This Answer Correct ?    1 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

What is a soap?

809

What hierarchy soapui follows to build a proper testing project?

853

What is mandatory in soap message?

843

What are the various approaches available for developing soap based web services?

729

how to find the person who locked in the weblogic server

2501

What are soapui assertions?

863

How a soap message is structured?

758

what is shop?

2488

What are the factors that help to decide which style of web services – soap or rest – to use?

813

What is the difference between top down and bottom up approach in soap web services?

821

Can you elaborate on SoapBindingSkeleton?

2915

Enlist the operation types response used in wsdl?

815

Explain the major obstacle faced by soap users?

1128

What are the important characteristics of soap envelope element?

805

What is the difference between top down & bottom up approach in soap web services?

759