An advanced certificate validation service and architecture based on XKMS

Ruiz‐Martínez, Antonio; Sánchez-Martínez, D.; Marín-López, C. Inmaculada; Pérez, Manuel Gil; Gómez‐Skarmeta, Antonio F.

doi:10.1002/spe.996

Cited by 3 publications

(3 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As there are several possibilities, we do not indicate the messages that will be exchanged, and these are only shown as step 0a in Figure . Furthermore, the PKI offers some certificate validation mechanisms such as Certificate Revocation Lists (CRLs), Online Certificate Status Protocol (OCSP), XKMS, Advanced Electronic Signatures (AdES), and Certificate Validation Service (CVS) .…”

Section: Sipmsign: a Lightweight Session Initiation Protocol‐based Momentioning

confidence: 99%

“…If the MASP correctly verifies the m‐signature, then the access to the application/services is provided or the transaction continues. For the validation of the certificate associated to the signature or in the event MASP has to store the m‐signature during long periods of time, the use of AdES CVS is recommended for obtaining validation information as well as the various evidences required for its storage during long periods.…”

Section: Sipmsign: a Lightweight Session Initiation Protocol‐based Momentioning

confidence: 99%

See 1 more Smart Citation

SIPmsign: a lightweight mobile signature service based on the Session Initiation Protocol

et al. 2012

View full text Add to dashboard Cite

SUMMARY The development of mobile signatures could increase the spread and adoption of mobile services based on electronic signatures, such as mobile payments, mobile business transactions, and mobile government services. A Mobile Signature Service (MSS) means that a user in any of the scenarios mentioned can attach an electronic signature, anywhere, anytime, as with a handwritten signature with a device that is almost always on him or her. Several solutions have appeared, such as using the European Telecommunications Standard Institute MSS, the Mobile Signature Application Unit, and the Mobile Network Operator‐independent MSS. These solutions present two kinds of drawbacks. On the one hand, some of them require the service to be developed by all mobile network operators, whereas others are not based on efficient communications. In this paper, we present a new MSS named SIPmsign that solves these problems. Our proposal is based on the Session Initiation Protocol and defines how to exchange the information in a secure and more efficient way than previously. Thanks to Session Initiation Protocol, we provide the adoption of our proposal as a MSS for the new generation of mobile communications. In this paper, we also present the prototype we have developed as a proof of its feasibility as well as an evaluation of the performance of our solution. Copyright © 2012 John Wiley & Sons, Ltd.

show abstract

Section: Sipmsign: a Lightweight Session Initiation Protocol‐based Momentioning

confidence: 99%

Section: Sipmsign: a Lightweight Session Initiation Protocol‐based Momentioning

confidence: 99%

SIPmsign: a lightweight mobile signature service based on the Session Initiation Protocol

et al. 2012

View full text Add to dashboard Cite

show abstract

“…These proposals, which are designed to make the payment in SIP are [6][7][8][9]12]. From these proposals we can point out that [5,6,8,9,11] are not suitable for making micropayments since a third party participates in each payment and asymmetric cryptography is used, which also involves certificates, verifications [53] and increased transactions costs [13]. Therefore, they are not suitable for making real-time micropayments.…”

Section: Related Studymentioning

confidence: 99%

A lightweight payment scheme for real-time services based on SIP

Ruiz‐Martínez

Marín-López

2012

J Wireless Com Network

Self Cite

View full text Add to dashboard Cite

In the session initiation protocol (SIP), payments have been proposed as a way for vendors to obtain profit from the services they provide. Payments in SIP have also been proposed for microbilling and even as a solution to SPAM in VoIP systems. Although several proposals exist for making payments in SIP, they present some limitations when we want to pay for access to real-time services: either they are not suitable for micropayments or they do not consider security in the payment information exchanged. As a response to these limitations, we propose a new SIP payment protocol, LP-SIP, that supports the payment according to different models like pay-per-time, session-based, etc. It also performs payments in SIP efficiently and takes into account the secure exchange of payment information, unlike other existing proposals. Thus, we provide a lightweight payment protocol that can be used for the payment of real-time services.

show abstract

Challenges in Securing ESB Against Web Service Attacks

Rahman

Sahu

Tomar

2017

Advances in Business Information Systems and Analytics

View full text Add to dashboard Cite

Web services and Service oriented architecture are innovative phase of distributed computing, build on top of the distributed computing models. Web services are being used mostly for the integration business components. One of the key concerns in web services and service oriented architecture is implementation of adequate security. Security issues in SOA are still probing and in spite of an increase in web service research and development, many security challenges remain unanswered. This chapter introduces the vulnerabilities, threats associated with web services and addresses WS-Security standards and countermeasures. Web service protocol is designed to provide connectivity. Not any of these standards of web services contain any inbuilt security aspect of their own. Web Services are exposed to attack from common Internet protocols and in addition to new categories of attacks targeting Web Services in particular. Consequently, the aim of this chapter is to provide review of security mechanism in web services.

show abstract

An advanced certificate validation service and architecture based on XKMS

Cited by 3 publications

References 21 publications

SIPmsign: a lightweight mobile signature service based on the Session Initiation Protocol

SIPmsign: a lightweight mobile signature service based on the Session Initiation Protocol

A lightweight payment scheme for real-time services based on SIP

Challenges in Securing ESB Against Web Service Attacks

Contact Info

Product

Resources

About