Transport-level vs message-level security


Question

I'm reading a book on WCF and the author debates the pros of using message-level security over using transport-level security. Anyways, I can't find any logic in the author's arguments

One limitation of transport security is that it relies on every "step" and participant in the network path having consistently configured security. In other words, if a message must travel through an intermediary before reaching its destination, there is no way to ensure that transport security has been enabled for the step after the intermediary (unless that intermediary is fully controlled by the original service provider). If that security is not faithfully reproduced, the data may be compromised downstream.

Message security focuses on ensuring the integrity and privacy of individual messages, without regard for the network. Through mechanisms such as encryption and signing via public and private keys, the message will be protected even if sent over an unprotected transport (such as plain HTTP).

a)


If that security is not faithfully reproduced, the data may be compromised downstream.

True, but assuming the two communicating systems use SSL and thus certificates, then the data they exchange can't be decrypted by an intermediary; it can only be altered, which the receiver will notice and thus reject the packet?!

b) Anyways, as far as I understand the above quote, it is implying that if two systems establish an SSL connection, and if intermediary system S has SSL enabled and S is also owned by a hacker, then S (aka the hacker) won't be able to intercept SSL traffic travelling through it? But if S doesn't have SSL enabled, then the hacker will be able to intercept SSL traffic? That doesn't make sense!

c)

Message security focuses on ensuring the integrity and privacy of individual messages, without regard for the network. Through mechanisms such as encryption and signing via public and private keys, the message will be protected even if sent over an unprotected transport (such as plain HTTP).

This doesn't make sense, since transport-level security can also use encryption and certificates, so why would using private/public keys at message level be more secure than using them at transport level? Namely, if an intermediary is able to intercept SSL traffic, why wouldn't it also be able to intercept messages secured via message-level private/public keys?

Thanks

Answer


I think I see what he's getting at. Say like this:


Web client ---> Presentation web server ---> web service call to database


In this case you're depending on the middle server encrypting the data again before it gets to the database. If the message was encrypted instead, only the back end would know how to read it, so the middle doesn't matter.
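The three-hop path in the answer, modelled as an added example that is not from the original post or from WCF: hop-by-hop (transport) protection, where the middle server must re-encrypt, next to end-to-end (message) protection, where the middle server only forwards bytes it cannot read. The `seal`/`unseal` functions, the key names and the SHA-256-based toy cipher are all assumptions made for this demonstration.

```python
import hashlib
import hmac
import os

def _pad(key: bytes, nonce: bytes) -> bytes:
    # Toy one-time pad from SHA-256 (32-byte messages max) so the demo needs only the
    # standard library; it stands in for real encryption and is not for production use.
    return hashlib.sha256(key + nonce).digest()

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt then MAC: nonce || ciphertext || HMAC-SHA256 tag."""
    assert len(plaintext) <= 32, "toy cipher: message too long"
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _pad(key, nonce)))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first: a wrong key or any alteration is rejected, never decrypted."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _pad(key, nonce)))

def try_read(key: bytes, blob: bytes):
    try:  # what a party holding `key` learns: the plaintext, or None if the tag fails
        return unseal(key, blob)
    except ValueError:
        return None

# Constructed keys: transport security has one key per hop (think one TLS session per hop);
# message security uses a key only the backend holds (stand-in for the backend's key pair).
CLIENT_MIDDLE_KEY, MIDDLE_BACKEND_KEY = b"hop-1-key", b"hop-2-key"
BACKEND_ONLY_KEY = b"backend-only-key"

def transport_security(msg: bytes, middle_reencrypts: bool = True):
    """Hop-by-hop: the intermediary terminates hop 1 and is trusted to secure hop 2 itself."""
    seen_by_middle = unseal(CLIENT_MIDDLE_KEY, seal(CLIENT_MIDDLE_KEY, msg))
    to_backend = seal(MIDDLE_BACKEND_KEY, seen_by_middle) if middle_reencrypts else seen_by_middle
    return seen_by_middle, to_backend

def message_security(msg: bytes):
    """End-to-end: the client seals for the backend; the intermediary only forwards bytes."""
    wire = seal(BACKEND_ONLY_KEY, msg)
    return try_read(MIDDLE_BACKEND_KEY, wire), unseal(BACKEND_ONLY_KEY, wire)  # middle has only its hop key

def altered_message_is_rejected(msg: bytes) -> bool:
    """Point (a) in the question: an intermediary can alter bytes, but the receiver notices and rejects."""
    wire = bytearray(seal(BACKEND_ONLY_KEY, msg))
    wire[16] ^= 0x01  # flip one ciphertext bit in transit
    return try_read(BACKEND_ONLY_KEY, bytes(wire)) is None
```

With `middle_reencrypts=False` the second hop carries plaintext, which is the "not faithfully reproduced" case from the book; with message security the middle server's view is `None` regardless of how the hops are configured.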
