You are here: silicon.com > Resources > White Papers

White Papers

The New XML Standards for Secure Web Services

Overview Until recently, Web services security was based on Public-Key Infrastructure (PKI) at the transport level. Most Web services developers with security concerns rely on SSL/TLS (Secure Sockets Layer/Transport Layer Security) encryption, the industry-accepted standard protocol for secured encrypted communications over TCP/IP. But SSL doesn't work that well for Web services. A number of XML security technologies are emerging to address the Web services security requirements unaddressed by SSL. These initiatives include XML-Encryption, which enables data to be encrypted at the message layer and thus keeps the message confidential between hops, and XML-Signature, which can be used to detect changes to the message between hops.

Further White Paper Details
Publisher	Oracle	File Format	HTML
Date Published	October 2006
Format	White Papers
Topics	N/A

Did you find this white paper useful?

Delivering Information in Real Time

Publisher:
IBM

IDC reports on Novell's Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction

Publisher:
Novell

Green IT: Reducing your Carbon Footprint with Citrix

Publisher:
Citrix Systems

A Day in a Low Carbon Life 2012

Publisher:
IBM

Does 802.11n deliver better wireless services for Enterprises?

Publisher:
Siemens

UPS and HP launch secure online courier service

She said the UPS service relied on SSL (secure sockets layer) to provide up to 128-bit strength encryption, depending on the location of the recipient. Martha Bennett, VP of European Research at Giga Information, told Silicon.com: "Passwords and...

Channel:
PDAs

Private bits - the battle to safeguard data through encryption

The data is encrypted by combining the bits in the key mathematically with the data bits. As long as encryption is made to look invisible or at least integrated with a plain user interface, such as SSL, it should work with end users," he said.

Channel:
Comment & Analysis

Tech mismatch leaves m-commerce struggling

According to top security experts, the basic encryption standard currently incorporated in most internet transactions - secure sockets layer (SSL) - is not compatible with wireless transport layer security (WTLS), deployed in most handheld devices...

Channel:
Security Strategy

The A-Z of ebusiness (S)

Signature files are often used to include personal details or security messages. Signature File SSL SSL has already been succeeded by TLS (see TLS). Secure Socket Layer, a system used to keep transactions over the internet protected and...

Channel:
WebWatch

Web services specs focus on simplified security

The proposed standards, if they become accepted among IT providers, would simply make it easier to incorporate secured communications and to establish policies. The most notable of them, WS-Security, is a technology that is making its way into web...

Channel:
Applications

"Most devious" bank email phishing scam discovered

In that case the scam's designers used encrypted SSL conections to direct users to their site but fraudulent certificates to persuade victims they were in the right place. You can only see that the session is encrypted but you can't tell who you're...

Channel:
Security Strategy

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

White Papers

The New XML Standards for Secure Web Services

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific