The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Merkle Tree Authentication in UDDI Registries

Download

Download PDF Document
PDF

Author

E. Bertino, B.Carminati, E.Ferrari

Tech report number

CERIAS TR 2004-67

Entry type

techreport

Abstract

UDDI registries are today the standard way of publishing information on web services. They can be thought of as a structured repository of information that can be queried by clients to find the web services that better fit they needs. Even if, at the beginning, UDDI has been mainly conceived as a public registry without specific facilities for security, today security issues are becoming more and more crucial, due to the fact that data published in UDDI registries may be highly strategic and sensitive. In this paper, we focus on authenticity issues, by proposing a method, based on Merkle Hash Trees, which does not require the party managing the UDDI to be trusted wrt authenticity. In the paper, besides giving all the details of the proposed solution, we show its benefit wrt standard digital signature techniques.

Download

PDF

Date

2004

Key alpha

UDDI authenticity, digital signature, XML, Merkle hash tree

Publication Date

2004-01-01

Contents

1. INTRODUCTION 2. UDDI REGISTRIES 3. XML MERKLE TREE AUTHENTICATION 4. APPLYING THE MERKLE SIGNATURE TO UDDI REGISTRIES 5. MERKLE SIGNATURES VS. XML SIGNATURES IN UDDI REGISTRIES 6. PROTOTYPE OF AN ENHANCED UDDI REGISTRY 7. CONCLUDING REMARKS

Language

English

Location

A hard-copy of this is in the CERIAS Library

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.