[Work done from 3rd November to 16th November 2008]
After moving to the new architecture of the eID system, I continued my work on the Web Service. First of all, I started to design the class which will be useful for developing the web service.
The service that the eID web service should provide to the cardholder is, first, to verify the Reliant Party and the cardholder, and then to reply with an authentication or identification token, according to the Reliant Party's policy request sent to the web service and the access level of the Reliant Party.
Here, the eID web browser plug-in first takes the policy of the Reliant Party, and the signature for that policy, from the Reliant Party. The plug-in then clarifies that policy with the cardholder, signs the policy using the eID card, and invokes the eID web service using the Authentication operation of the web service.
The web service takes the policy and first verifies that the policy has not been tampered with, using the signatures sent by the Reliant Party and the cardholder. If the policy is verified, the web service creates a token, encrypts it with the RP's public key, and replies with that encrypted token.
The policy request of the Reliant Party consists of the Reliant Party's eIDcode and the claims that are needed for the authentication process. The token sent by the web service consists of the information according to the policy sent.
I used AXIS2 and the WSO2 WSAS IDE to deploy the web service. I also used the RSA encryption and decryption mechanism for secure communication. For signing purposes I used the SHA1withRSA signature and verification mechanism.
Using those technologies I deployed a web service which has the core functionalities. Then I did a demonstration of the web service to group members. It still needs some security mechanisms, and I'm expecting to add those functionalities within the next week.
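The Authentication flow described above, as an added Java example that is not the project's own code: the web service verifies the Reliant Party's and the cardholder's SHA1withRSA signatures over the policy, then encrypts a token with the RP's public key. The class name, policy string format, token contents and in-memory key pairs are assumptions constructed for illustration; on a real card the cardholder's private key never leaves the eID card.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.*;
import javax.crypto.Cipher;

public class EidAuthDemo {
    // The page names SHA1withRSA; SHA256withRSA is the JCA name to prefer in new deployments.
    static final String SIG_ALG = "SHA1withRSA";

    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance(SIG_ALG);
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    static boolean verify(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance(SIG_ALG);
        s.initVerify(key);
        s.update(data);
        return s.verify(sig);
    }

    // Web service side: issue a token only if both signatures cover the policy as received.
    static byte[] authenticate(byte[] policy, byte[] rpSig, byte[] chSig,
                               PublicKey rpPub, PublicKey chPub) throws GeneralSecurityException {
        if (!verify(rpPub, policy, rpSig) || !verify(chPub, policy, chSig))
            throw new SecurityException("policy signature check failed");
        byte[] token = ("token-for:" + new String(policy, UTF_8)).getBytes(UTF_8); // hypothetical token
        // Direct RSA only fits short tokens (at most 245 bytes with a 2048-bit key and PKCS#1 padding).
        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        c.init(Cipher.ENCRYPT_MODE, rpPub);
        return c.doFinal(token);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair rp = g.generateKeyPair(), card = g.generateKeyPair(); // constructed test keys
        byte[] policy = "eIDcode=RP-0001;claims=name,age".getBytes(UTF_8); // constructed policy
        byte[] rpSig = sign(rp.getPrivate(), policy), chSig = sign(card.getPrivate(), policy);
        byte[] enc = authenticate(policy, rpSig, chSig, rp.getPublic(), card.getPublic());
        Cipher d = Cipher.getInstance("RSA/ECB/PKCS1Padding"); // RP side: decrypt the token
        d.init(Cipher.DECRYPT_MODE, rp.getPrivate());
        System.out.println(new String(d.doFinal(enc), UTF_8));
        // A policy altered after signing (extra claim added) must be refused.
        byte[] tampered = "eIDcode=RP-0001;claims=name,age,address".getBytes(UTF_8);
        try {
            authenticate(tampered, rpSig, chSig, rp.getPublic(), card.getPublic());
        } catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```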