XML Security and JSR 105-106

By Sean Mullan (Play time: 39:16)

Currently 2.9306152/5
1
2
3
4
5

Rating: 2.93/5 (1,398 votes)

Unknown macro: {parleysvideoplayer}

Unknown macro: {parleysnavigation}

Unknown macro: {parleystoc}

Welcome to JavaPolis 2007!
Overall Presentation Goal
Speaker's Qualifications
Agenda
XML Signature Features
XML Signature Example
XML Signature Example (cont.)
XML Encryption Features
XML Encryption Example
XML Encryption Example (cont.)
Agenda
JSR 105 and 106 Features
JSR 105 and 106 Architecture
Package Hierarchy
A few of the most significant classes of JSR 105
A few of the most significant classes of JSR 106
Agenda
Apache XML Security Project
Apache XML Security Project (Continued)
Apache XMLSec Performance
Agenda
Programming Examples
Generating an XML Signature
Generating an XML Signature
Generating an XML Signature
Generating an XML Signature (cont.)
Generating an XML Signature (cont.)
Generating an XML Signature (cont.)
Generating an XML Signature (cont.)
Generating an XML Signature (cont.)
Generating an XML Signature (cont.)
Generating an XML Signature (cont.)
Validating an XML Signature
Validating an XML Signature
Validating an XML Signature
What if the XML Signature is invalid!?
Encrypting the CreditCard Element
Encrypting the CreditCard Element
Encrypting the CreditCard Element
Encrypting the CreditCard Element (cont.)
Encrypting the CreditCard Element (cont.)
Encrypting the CreditCard Element (cont.)
Encrypting the CreditCard Element (cont.)
Decrypting the CreditCard Element
Decrypting the CreditCard Element
Decrypting the CreditCard Element
Decrypting the CreditCard Element
Logging Support
KeySelectors
"See what is signed"
Agenda
Future of XML Signature and Encryption
Agenda
More Information
Summary

As web services are being used ever more frequently to perform secure transactions, the need for authenticating and protecting the XML data that is transmitted over potentially insecure networks is essential.

With the incorporation of JSR 105 (Java XML Signature API) into JDK 6, Java programmers now have a standard solution for creating and validating XML signatures. And with the progression of JSR 106 (Java XML Encryption API) through the Java Community Process, a standard solution for XML encryption will soon be available.
This session will describe the two core XML security technologies, XML
Signature and Encryption, and show you how to sign and encrypt data in Java using the JSR 105 and 106 APIs. Simple and more advanced use cases will be presented along with code examples. Debugging tips and common mistakes will also be covered.

The session will also provide an overview and history of the Apache XML Security project, which the implementation of JSR 105 is based on.

Finally, the session will take a look at where XML Security may be headed in the future, and discuss some of the issues that were discussed at the recent W3C workshop on Next Steps for XML Signature and Encryption.

Sean Mullan is a staff engineer working on Java Security at Sun Microsystems. He is the co-specification lead of the XML Digital Signature API (JSR 105) which is now part of JDK 6 and is a committer on the Apache XML Security project. He also participates in the W3C XML Security Specifications Maintenance Working Group. Previously, he was specification lead of the Certification Path API (JSR 55) which was successfully integrated into JDK 1.4. In addition, he focuses on access control, performance, and overall PKI and XML security support in the Java SE platform.

Unknown macro: {parleysrelatedcontent}

Unknown macro: {parleysshareit}