XML digital signature system independent of existing applications
Abstract
This paper describes a turnkey solution to add a XML digital signature capability without modifying existing XML-based B2B systems. The signature proxy between applications watches for XML messages exchanged on the network. Outbound messages are received by the proxy and automatically signed and by a signature server implemented as a Web service. Inbound messages are also verified by using the proxy and the signature server The existing applications do not care about handling of digital signatures. The signature server can also provide (1) content-based key selection and (2) logging of signed documents with fine-grain access control. The system introduced in this paper is called the XML Security Services Suite (XS-Cube), a set of security-related Web services including digital signatures.