Web Services Trust

Standards/Proposals

  1. XML Signature - the XML Signature proposal, of which Entrust is a co-author, specifies how to digitally sign XML documents at levels of granularity down to individual elements. The resultant signature is captured in XML syntax. XML Signature has advanced to W3C/IETF Candidate Recommendation stage

  2. XML Encryption - XML Encryption specifies a process for encrypting digital content (including but not exclusive to XML) and an XML syntax for the encrypted content and appropriate required information that enables an intended recipient to decrypt it. Entrust co-authored the XML Encryption Proposal that has since been submitted to a W3C Working group

  3. XKMS - (XML Key Management Service) is a proposed standard for the enrollment and subsequent management of keys. Rather than integrating complicated PKI key management functionality into applications through 'toolkits', XKMS enables the outsourcing of this PKI functionality to remote services. The application developer need only know how to create/process the appropriate XML messages with which the remote services are invoked.

    Entrust has submitted a proposal to the XKMS standardization process for extension to address the requirements of the manufacturing scenario, e.g. smart cards and mobile phones.

  4. SAML - (Secure Assertion Markup Language) is a standard for the exchange of authentication and authorization information between trust domains. SAML enables Single Sign On across trust domains and across different vendor platforms. An OASIS Security Services Technical Committee ratified SAML as an OASIS Open Standard in November 2002, taking as input multiple contributions including S2ML and AuthXML, but intending that SAML will be built from first principles. Entrust is a member of the OASIS SS TC and co-chairs the Protocols and Core Assertions sub-groups within the TC.

  5. XACML - (XML Access Control Markup language) is a proposed standard for an XML syntax for describing fine-grained access control policies for XML documents.

  6. SOAP - (Simple Object Access Protocol) is a lightweight XML protocol that governs the exchange of information in a distributed environment.
    SOAP provides a standardized XML envelope for carrying other application specific XML payloads, a set of encoding rules for expressing instances of application-defined datatypes, and a convention for representing remote procedure calls and responses.

  7. UDDI - (Universal Description, Discovery, and Integration) is a specification for registries of distributed Web-based business information. Companies publish descriptions of the services they offer, along with instructions on how the services are invoked, to the UDDI registry such that other companies can discover, and ultimately, use them. Entrust is a UDDI Advisor.

  8. WSDL - (Web Services Description Language) is an XML format for describing network services as a set of endpoints operating on messages . WSDL service definitions provide the technical details for describing Web Services that would be required for someone to actually invoke the service, e.g. input paramaters, output format etc.

Contact Us

Entrust Public Key Infrastructure (PKI)

Public key infrastructure or PKI refers to a comprehensive system that uses authentication security and encryption software to establish and maintain a trustworthy network. Government agencies and corporations use PKI certificates to fortify their IT infrastructure from unauthorized access.

Entrust PKI security solutions help network administrators accomplish the goal of greater security by associating a public key with authorized users to enable encryption and digital signature capabilities across network applications. Epassport PKI is an adaptation of PKI for the government sector that stores information on a chip that can be verified against the data on the passport. Entrust, a certification authority, also enables passport PKI and smart card PKI for an additional security.

Entrust is a trusted provider of network security solutions that include digital certificates, two factor-authentication, ssl certificates, token authentication, and certificate management systems.