A digital signature uses encryption technology to support data integrity and nonrepudiation. A digital signature provides proof that a particular person (the signatory) sent a piece of information (the signed data). Digital signatures rely on public key cryptography rather than certificates. You create a digital signature by using your private key to apply a signing encryption algorithm to the data being signed. The signing algorithm does not modify the data, but it does produce a unique value (the hash), which is the digital signature. The receiver verifies the signature by applying a verification encryption algorithm to the same data, but this time using the signatory?s public key. The generated value should match the digital signature. If the signed data have been tampered with in any way during transport, the signatures won?t match. Because only the signatory has access to the private key, the receiver is assured that the signed data did in fact come from that person and that the data have not been altered in any way.
Dig deeper on Simple Object Access Protocol (SOAP)
Related Q&A from Anne Thomas Manes
Anne Thomas Manes explains the differences between open source clients and open source implementations.continue reading
Anne Thomas Manes discusses the best way to go about creating an enterprise data dictionary and why the systems works well.continue reading
Anne Thomas Manes explains the difference between 'hard' real time and 'live' real time systems.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.