The Design And Implementation Of Authenticated Dictionary Based On Web Services

As the need for digital data becomes more ubiquitous, so does the need to provide efficient mechanisms for distributing and verifying the authenticity of that data. For example, an Internet portal site that aggregates information from many different sources—such as weather, news headlines, and stock prices—and provides that information to its users. Currently, it is up to the user's discretion whether to trust the information provided by the portal; if they trust the portal, then they trust the data it provides, evidently this mechanism lack of secure guarantee. It is possible to individually verify the authenticity of each piece of data, without implicitly trusting the portal, using a distributed authenticated dictionary.The main drawback of previous versions of authenticated dictionaries was the fact that clients had to access it using a bulky, proprietary interface. Not only did this require special knowledge on the part of the application developer, but it also required a separate toolkit to be provided for each target operating system and programming language. Additionally, such toolkits used proprietary communications protocols, canonicalizers, and serializers. In this thesis, we choose Web Services technology in order to achieve greater interoperability with client flatforms, reduce repetitive design and research new ways of simplifying proof verification. By building a Web Services interface to authenticated dictionary, we are better able to utilize existing standards to achieve greater levels of portability, interoperabliity, and ease of use for the client.We contribute a design and implementation of an authenticated dictionary and a SOAP-based Web Services interface of authenticated dictionary in Java platform. In this system we implement authenticated dictionary with Skip List, implement Signature and verification with XML Signature, and deploy Web Services with JWSDP. There are several technologies used in the system, such as Java Security package, Java Collection framework and Base64 encoding.First we introduce Web Services and XML Security technology. Subsequently, we introduce the basic concept of authenticated dictionary and the design of authenticated dictionary with Skip List. Then, we mainly discuss the problems about the implementation of the system, such as the format of SOAP message, the implementation...