How to use SOAP-DSIG and SSL for non-repudiation?
Answer / supra
SOAP-DSIG is used to satisfy the message authentication requirement. It is important to note that you can use SOAP-DSIG and SSL simultaneously by exchanging the above HTTP messages over SSL.

| Technology | Satisfied security requirements |
|---|---|
| SSL | Confidentiality, sender/recipient authentication, and message authentication by MAC |
| SOAP-DSIG | Message authentication by digital signature and MAC |

SSL provides confidentiality and sender/recipient authentication. SSL also has functionality for adding MACs to transmitted messages. On the other hand, SOAP-DSIG can be used to add not only MACs but also digital signatures to transmitted messages, but it is not sufficient for sender/recipient authentication because it is vulnerable to attacks such as replay attacks. Therefore, SOAP-DSIG and SSL complement the functionalities that the other system lacks.

Remember that in order to satisfy the requirement of non-repudiation, at a minimum you need to simultaneously guarantee both message authentication by using a digital signature and sender authentication. Therefore, using SOAP-DSIG and SSL (with client authentication) simultaneously is the first step towards realizing non-repudiation. Specifically, you use SOAP-DSIG for message authentication by using a digital signature and SSL client/server authentication for sender/recipient authentication.
| Is This Answer Correct ? | 1 Yes | 0 No |
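The following is an added example, not part of the answer above. It contrasts a MAC with a digital signature and shows a receiver that requires both a valid signature and an SSL client-authenticated peer. Assumptions: the toy textbook RSA key stands in for a real XML-DSig signature and is not secure, and `SIGNER`, `tls_peer`, `accept` and the sample SOAP body are hypothetical names and constructed values.

```python
import hashlib
import hmac

# Toy textbook RSA from two known Mersenne primes: constructed and NOT secure.
# It stands in for the RSA signature an XML-DSig library would compute.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # sender's public key
D = pow(E, -1, (P - 1) * (Q - 1))        # sender's private exponent
SIGNER = "CN=alice"                      # constructed identity bound to (N, E)

def digest(body: bytes) -> int:
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % N

def sign(body: bytes) -> int:
    """Only the holder of D can produce this value."""
    return pow(digest(body), D, N)

def verify_sig(body: bytes, sig: int) -> bool:
    """Anyone with the public key (N, E) can check; only D can sign."""
    return pow(sig, E, N) == digest(body)

def mac(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()

def verify_mac(key: bytes, body: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(key, body), tag)

def accept(body: bytes, sig: int, tls_peer) -> bool:
    # tls_peer: hypothetical subject name handed up by the SSL client-auth layer
    return verify_sig(body, sig) and tls_peer == SIGNER

def demo() -> dict:
    order = b"<soap:Body><order id='42' qty='10'/></soap:Body>"   # constructed
    forged = order.replace(b"qty='10'", b"qty='99'")
    shared = b"key-held-by-both-ends"                              # constructed
    sig = sign(order)
    return {
        # The recipient holds the MAC key, so a tag it mints itself verifies:
        "recipient_minted_mac_verifies": verify_mac(shared, forged, mac(shared, forged)),
        # The recipient cannot make the sender's signature fit altered content:
        "signature_fits_forged_body": verify_sig(forged, sig),
        # A captured message still carries a valid signature when resent...
        "resent_copy_signature_valid": verify_sig(order, sig),
        # ...so acceptance also requires the authenticated SSL peer:
        "resent_by_other_peer": accept(order, sig, "CN=mallory"),
        "sent_by_signer_over_ssl": accept(order, sig, SIGNER),
    }

if __name__ == "__main__": print(demo())
```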