New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!
· Ian T's (AR 23)
· Marcia's (CO8)
· Bill G's (CO11)
· Paul's (AR 5)
· Robin's (AR 2)
· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?
$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 987
Comments: 19
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
image prot: Privacy: Is SSL enough security for first- generation Web services? image
Protocols
A discussion of why SSL does not always provide a suitable method of authentication for Web services

Introduction

Since its inception in March 1995, when it was used in Netscape 1.1, SSL has become the de facto way to encrypt data sent between HTTP requesters (Web browsers) and HTTP servers (Web servers). Because of this, SSL is an obvious security choice for first-generation Web services. SSL works at the session layer of the OSI stack to provide point-to-point confidentiality and one-way or two-way authentication. Used alone, however, SSL does not provide complete protection for first-generation Web services.

SSL provides only partial protection for first generation Web services

Most first-generation Web services have been deployed in internal integration projects behind a company's firewall. However, some companies are now deploying Web services to expose internal systems over the Internet to business partners or distributed divisions. Early adopters of Web services technology can be found in the financial, government, and healthcare sectors, where risk of attack is greater as the data exchanged is often of a sensitive or high value nature.

SSL provides adequate confidentiality for first-generation Web services. Using SSL the channel over which two parties communicate can be kept confidential - data is encrypted by the sender and decrypted by the recipient. First- generation Web services, typically involve passing of messages between two points only, so ensuring confidentiality at the session layer is sufficient.

However, SSL does not always provide a suitable method of authentication for Web services. With server-side SSL the client obtains a copy of the Web server's certificate, allowing it to authenticate the server and establish an encrypted channel. This one-way means of authentication is commonly used in B2C environments where the functionality clients can access is fairly innocuous, as typically Web sites expose limited functionality. For example with B2C book sites the risk is mitigated on the seller side by the low value of the transactions and on the buyer side by the low credit card liability limit. The predominant risk is that a third party might steal credit card or other private details from the end-user by intercepting a message or by impersonating a Web server.

Full Article: WebServices.org
Posted on Thursday, 18 July 2002 @ 11:00:00 EDT by Paul
image

 
Login
Nickname

Password
· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· PHP HomePage
· HotScripts
· W3 Consortium
· Netscape
· TCP/IP Protocol Suite
· More about Protocols
· News by Paul
Most read story about Protocols:
Free Online Port Scanning Utilities

image
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent

image
Options

Printer Friendly Page  Printer Friendly Page
image
"Login" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 665 pages served in previous 5 minutes. Page Rendered: 0.221 seconds.