Scribd
Upload
31 views

XML Security Standard

The document discusses several XML security standards including XML Digital Signature, XML Encryption, XML Key Management (XKMS), Security Assertion Markup Language (SAML), and XML Access Control Markup Language (XACML). It focuses on XML Digital Signature, explaining that its objective is to ensure data integrity, message authentication, and nonrepudiation of services. It describes detached, enveloped, and enveloping signatures and provides an example of the basic structure of an XML Signature.

Uploaded by

Hafiz Mahamud
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
31 views

XML Security Standard

The document discusses several XML security standards including XML Digital Signature, XML Encryption, XML Key Management (XKMS), Security Assertion Markup Language (SAML), and XML Access Control Markup Language (XACML). It focuses on XML Digital Signature, explaining that its objective is to ensure data integrity, message authentication, and nonrepudiation of services. It describes detached, enveloped, and enveloping signatures and provides an example of the basic structure of an XML Signature.

Uploaded by

Hafiz Mahamud
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 5

XML SECURITY STANDARD

WEB SECURITY SERVICE


MUHAMAD HAFIZ BIN MAHAMUD SAZARIAQMA BIN SAMSUDIN

XML SECURITY STANDARD


XML Digital Signature for integrity and signatures, XML Encryption for confidentiality, XML Key Management (XKMS) for key management, Security Assertion Markup Language (SAML) for making authentication and authorization assertions, and

XML Access Control Markup Language (XACML) for stating authorization rules.

XML DIGITAL SIGNATURE


The objective of XML signature is to ensure data integrity, message authentication, and nonrepudiation of services. An XML signature used to sign a resource outside its containing XML document is called a detached signature If it is used to sign some part of its containing document, it is called an enveloped signature If it contains the signed data within itself it is called an enveloping signature.

An XML Signature consists of a Signature element in the http://www.w3.org/2000/09/xmldsig# namespace. The basic structure is as follows:
<Signature> <SignedInfo> <CanonicalizationMethod /> <SignatureMethod /> <Reference> <Transforms> <DigestMethod> <DigestValue> </Reference> <Reference /> etc. </SignedInfo> <SignatureValue /> <KeyInfo /> <Object /> </Signature>

You might also like