How to use SOAP-DSIG and SSL for non-repudiation?

Answer Posted / supra

SOAP-DSIG is used to satisfy the message authentication requirement. It is important to note that you can use SOAP-DSIG and SSL simultaneously by exchanging the above HTTP messages over SSL.

Technology    Satisfied security requirements
SSL           Confidentiality, sender/recipient authentication, and message authentication by MAC
SOAP-DSIG     Message authentication by digital signature and MAC


SSL provides confidentiality and sender/recipient authentication. SSL also has functionality for adding MACs to transmitted messages. On the other hand, SOAP-DSIG can be used to add not only MACs but also digital signatures to transmitted messages, but it is not sufficient for sender/recipient authentication because it is vulnerable to attacks such as replay attacks. Therefore, SOAP-DSIG and SSL each complement the functionality that the other lacks.



Remember that in order to satisfy the requirement of non-repudiation, at a minimum you need to simultaneously guarantee both message authentication by using a digital signature and sender authentication. Therefore, using SOAP-DSIG and SSL (with client authentication) simultaneously is the first step towards realizing non-repudiation. Specifically, you use SOAP-DSIG for message authentication by using a digital signature and SSL client/server authentication for sender/recipient authentication.

Is This Answer Correct ?    1 Yes 0 No
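
The combination this answer describes, sketched as an added example (not part of the original answer): a receiver that accepts a message only when its message-level authenticator verifies and the named signer is the peer that SSL client authentication identified. HMAC from the Python standard library stands in for the SOAP-DSIG digital signature, and the key table, subject names and `tls_peer` parameter are constructed assumptions.

```python
import hashlib
import hmac

# Constructed sample key table, one key per signer. HMAC stands in for the
# SOAP-DSIG signature so the example runs on the standard library alone;
# non-repudiation needs a real digital signature, because a shared MAC key
# is known to both sender and recipient.
SIGNER_KEYS = {"CN=alice": b"constructed-key-for-alice"}


def sign(signer: str, body: bytes) -> dict:
    """Sender side: attach a message-level authenticator to the body."""
    tag = hmac.new(SIGNER_KEYS[signer], body, hashlib.sha256).hexdigest()
    return {"signer": signer, "body": body, "tag": tag}


def signature_ok(msg: dict) -> bool:
    """Message authentication only: is the body unaltered since the named
    signer produced it? Says nothing about who delivered it this time."""
    key = SIGNER_KEYS.get(msg["signer"])
    if key is None:
        return False
    expected = hmac.new(key, msg["body"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, msg["tag"])


def accept(msg: dict, tls_peer: str) -> bool:
    """Receiver policy: the authenticator must verify AND the signer must be
    the party identified on this connection. tls_peer is assumed to be the
    subject of the client certificate verified during the SSL handshake."""
    return signature_ok(msg) and msg["signer"] == tls_peer


if __name__ == "__main__":
    order = sign("CN=alice", b"<Order><Item>book</Item></Order>")
    captured = dict(order)  # byte-for-byte copy of an earlier message
    tampered = dict(order, body=b"<Order><Item>piano</Item></Order>")

    print("copy passes signature check alone:", signature_ok(captured))
    print("alice on her own connection:", accept(order, "CN=alice"))
    print("same bytes from another peer:", accept(captured, "CN=mallory"))
    print("altered body from alice's connection:", accept(tampered, "CN=alice"))
```

The copied message passes the signature check by itself, which is why the answer pairs message authentication with sender authentication from SSL.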


