Username: Save?
Password:
Home Forum Links Search Login Register*
    News: Welcome to the TechnoWorldInc! Community!
Recent Updates
[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[October 17, 2024, 05:05:06 PM]

[October 17, 2024, 04:53:18 PM]

[October 17, 2024, 04:53:18 PM]

[October 17, 2024, 04:53:18 PM]

[October 17, 2024, 04:53:18 PM]

[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]
Subscriptions
Get Latest Tech Updates For Free!
Resources
   Travelikers
   Funistan
   PrettyGalz
   Techlap
   FreeThemes
   Videsta
   Glamistan
   BachatMela
   GlamGalz
   Techzug
   Vidsage
   Funzug
   WorldHostInc
   Funfani
   FilmyMama
   Uploaded.Tech
   MegaPixelShop
   Netens
   Funotic
   FreeJobsInc
   FilesPark
Participate in the fastest growing Technical Encyclopedia! This website is 100% Free. Please register or login using the login box above if you have already registered. You will need to be logged in to reply, make new topics and to access all the areas. Registration is free! Click Here To Register.
+ Techno World Inc - The Best Technical Encyclopedia Online! » Forum » THE TECHNO CLUB [ TECHNOWORLDINC.COM ] » Computer / Technical Issues » Hardware
  Digital Signaturesin xml
Pages: [1]   Go Down
  Print  
Author Topic: Digital Signaturesin xml  (Read 654 times)
Daniel Franklin
TWI Hero
**********


Karma: 3
Offline Offline

Posts: 16647


View Profile Email
Digital Signaturesin xml
« Posted: October 17, 2007, 10:37:36 AM »


The Xml Digital Signatures provides the security services of data integrity, authentication, and nonrepudiation.

In a simple shorthand notation the structures of DSIG signatures with its four elements. Elements appear zero or more times if followed by "*", zero or once if followed by"?", and once or more if followed by "+". When not followed by a symbol, elements appear only once.

Removing attributes and contents in the notation it becomes an example of signature object using three of its four elements.

The signature object contains the cryptographic hash of any signed information, and a reference to the information itself. The signed information may be an arbitrary document. However, often, it will be an XML object. The ability to sign only specific elements of XML documents is one of the most important features of DSIG. It lets the unsigned parts of the XML document is enhanced, modified, or removed for privacy or efficiency, keeping the signature valid.

DSIG signatures may contain either the signed XML object contained in the XML object, or detached from the signed object or document. When the signed XML object envelops the signature, the enveloped signature value itself is not included in the signature calculation and validation computation. For this you use the enveloped-signature transform, removing the whole signature element in which it is contained from the digest calculation.

Public key digital signatures that provide nonrepudiation, such as RSA, are computationally intensive operations; therefore, DSIG also allows shared-key authentication that provides authentication but nonrepudiation.
Collision resistant hashing of the signed content is also used to save computational requirements.

Generating DSIG signatures:

1. Identity resources to be signed.
2. Calculating the digest value and composing reference elements for each resource.
3. Composing the signed info element from all references.
4. Computing value of signature method over identity resources to be signed element by applying algorithms like DSA, RSA-SHA1, etc
5. Composing the signature elements with signedInfo, signature value, identity key used to sign, and other optional objects like signature properties.

An XML DSIG may contain multiple reference elements in the same document

DSIG signatures may contain either the signed XML object contained in the XML object, or detached from the signed object or document. When the signed XML object envelops the signature, the enveloped signature value itself is not included in the signature calculation and validation computation. For this you use the enveloped-signature transform, removing the whole signature element in which it is contained from the digest calculation.

Public key digital signatures that provide nonrepudiation, such as RSA, are computationally intensive operations; therefore, DSIG also allows shared-key authentication that provides authentication but nonrepudiation.
Collision resistant hashing of the signed content is also used to save computational requirements.

Generating DSIG signatures:
1. Identity resources to be signed.
2. Calculating the digest value and composing reference elements for each resource.
3. Composing the signed info element from all references.
4. Computing value of signature method over identity resources to be signed element by applying algorithms like DSA, RSA-SHA1, etc
5. Composing the signature elements with signedInfo, signature value, identity key used to sign, and other optional objects like signature properties.

An XML DSIG may contain multiple reference elements in the same document.

Logged

Pages: [1]   Go Up
  Print  
 
Jump to:  

Copyright © 2006-2023 TechnoWorldInc.com. All Rights Reserved. Privacy Policy | Disclaimer
Page created in 0.188 seconds with 24 queries.