Every application must implement some security measures at one time or the other. Whether it is just restricting parts of a client-server application or making sure that the integrity of desktop application is maintained. In this workshop, not only the means to implement a secure web application will be shown, but also how to sign documents and using the eID
Practical
Date: March 15th 2007
Location: Atrium Seminars, Hof ter Vleestdreef, 1070 Brussel
Price: Free for BeJUG members, 100 Euro (+ 21% VAT) for non-members.
Integrating XML Advanced Electronic Signatures (XAdES) by Frank Cornelis
The XAdES v1.3.2 specification has been developed by the European Telecommunications Standard Institute to meet the growing importance of legal context in electronic commerce and the need for signature standards to provide interoperability for electronic business and electronic government. This presentation gives an overview of the extensions that XAdES adds to W3C XML Digital Signatures. After briefly presenting DContract as an implementation of the XAdES specification we continue on the practical integration of XAdES into your Java applications. Especially given the situation in Belgium where every citizen will have an electronic ID by 2009, the integration of XAdES with existing PKIX infrastructure is vital. The picture not only includes XAdES, but also X.509, PKCS#11, TSP, OCSP, and CRL. A demo of a XAdES application will be given together with some sample code.
Developing with the Belgian eID Java card by Danny De Cock
In this presentation, we introduce the architecture in which Belgian eID cards are issued and used. We also focus on how applications should correctly use the eID card to, e.g., read the card's content, produce signatures with the card, and to verify these signatures.
15:00 - 15:15
break
15:15 - 16:15
The Bouncy Castle API: JCE, CMS and ASN.1 by Karsten Ohme
The presentation gives an introduction into the Java Cryptography Extension architecture and related topics. It focuses on Bouncy Castle as an example of a Java crypto provider. As a related topic the Cryptographic Message Syntax standard is explained and its API implementation in Bouncy Castle. Further more the ASN.1 API of Bouncy Castle is presented. The different topics will be illustrated by code examples and some advanced and upcoming features of Bouncy Castle are shown.
The Acegi framework: what does it offer for you and when does it make sense to use it? Which authentication mechanisms are supported today? Steven will answer these questions and throws in a sample application as well.
Danny De Cock
(BeJUG 2006)
This page
Other pages
Account
