| There are needs of security mechanisms in widespread Web Service application deployments. As not all transaction layers are protected by security mechanism, XML documents, carriers of Web Service application information, should be protected from possible attacks by means of payload security. PKI client applications are difficult to develop and maintain. XML Key Management Specification (XKMS) proposed by Microsoft etc. helps end problems involving digital certificate processing, revocation status checking and validation. XKMS promises to give businesses an easier way to perform these functions. Defined as XML Schema, XKMS is compatible with the Web Services standards such as WSDL and SOAP.This paper discusses the technical details and implementation details of XKMS specification and the prospects of XKMS application model on the basis of in-depth researches on XKMS and related protocols. For needs of functional subset of PKI Service, the deployment of XKMS is more cost-effective than that of kinds PKIX. For rapid software development, the interface provided by XKMS is clearer and more manageable. For organizations that have deployed PKI infrastructure, providing XKMS layer can fully exploit the investments. Implementations details include the Design and implementation of XKMS application model, underlying certificate storage schemes, serialization and de-serialization between Java Objects and XML, etc.The enactment of 《Digital Signature Law》 of PRC will ensure the legal validity of digital signature. Trust Mechanism is the basis of digital signature, thus researches on and implementation of XKMS specification is of applicable value.
|
PDF Full Text Request