httP:〃wwwwiKidot,comsigni: what does this mean?

From Wikipedia, the free encyclopedia
XML Signature (also called XMLDSig, XML-DSig, XML-Sig) defines an
syntax for
and is defined in the
. Functionally, it has much in common with #7 but is more extensible and geared towards signing XML documents. It is used by various
technologies such as , , and others.
XML signatures can be used to sign data–a resource–of any , typically XML documents, but anything that is accessible via a
can be signed. An XML signature used to sign a resource outside its containing XML document is called a detached signature; if it is used to sign some part of its containing document, it is called an enveloped signature; if it contains the signed data within itself it is called an enveloping signature.
An XML Signature consists of a Signature element in the http://www.w3.org/2000/09/xmldsig# namespace. The basic structure is as follows:
<Signature>
  <SignedInfo>
    <CanonicalizationMethod />
    <SignatureMethod />
    <Reference>
      <Transforms />
      <DigestMethod />
      <DigestValue />
    </Reference>
    <Reference /> etc.
  </SignedInfo>
  <SignatureValue />
  <KeyInfo />
  <Object />
</Signature>
The SignedInfo element contains or references the signed data and specifies what algorithms are used.
The SignatureMethod and CanonicalizationMethod elements are used by the SignatureValue element and are included in SignedInfo to protect them from tampering.
One or more Reference elements specify the resource being signed by URI and any transforms to be applied to the resource prior to signing. A transformation can be an XPath expression that selects a defined subset of the document tree.
DigestMethod specifies the hash algorithm that is applied to the transformed resource.
DigestValue contains the encoded result of applying the hash algorithm to the transformed resource(s) defined in the Reference element attributes.
The SignatureValue element contains the encoded signature result - the signature generated with the parameters specified in the SignatureMethod element - of the SignedInfo element after applying the algorithm specified by the CanonicalizationMethod.
The KeyInfo element optionally allows the signer to provide recipients with the key that validates the signature, usually in the form of one or more digital certificates. The relying party must identify the key from context if KeyInfo is not present.
The Object element (optional) contains the signed data if this is an enveloping signature.
When validating an XML Signature, a procedure called Core Validation is followed.
Reference Validation: Each Reference's digest is verified by retrieving the corresponding resource and applying any transforms and then the specified digest method to it. The result is compared to the recorded DigestValue; if they do not match, validation fails.
Signature Validation: The SignedInfo element is serialized using the canonicalization method specified in CanonicalizationMethod, the key data is retrieved using KeyInfo or by other means, and the signature is verified using the method specified in SignatureMethod.
This procedure establishes whether the resources were really signed by the alleged party. However, because of the extensibility of the canonicalization and transform methods, the verifying party must also make sure that what was actually signed or digested is really what was present in the original data, in other words, that the algorithms used there can be trusted not to change the meaning of the signed data.
Because the signed document's structure can be tampered with, leading to "signature wrapping" attacks, the validation process should also cover the XML document structure. The signed element and the signature element should be selected using an absolute XPath expression, not getElementByName methods.
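One way to apply the structural check described above, as an added example that is not part of the original article: the consumer accepts only the element the Reference points at, and only if its ID is unique and it sits at a fixed absolute location. The sample documents, the `EXPECTED_PATH` value and the function names are constructed assumptions; digest and signature verification are assumed to be done separately.

```python
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
EXPECTED_PATH = "/Response/Assertion"  # assumption: this application's fixed location

SIG = ('<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">'
       '<SignedInfo><Reference URI="#a1"/></SignedInfo></Signature>')
# Constructed sample: the referenced element is where the application expects it.
GOOD = ('<Response><Assertion ID="a1"><Subject>alice</Subject></Assertion>'
        + SIG + '</Response>')
# Constructed sample: the referenced element was relocated and a different,
# unreferenced Assertion now occupies the expected location.
WRAPPED = ('<Response><Assertion ID="x9"><Subject>mallory</Subject></Assertion>'
           '<Extensions><Assertion ID="a1"><Subject>alice</Subject></Assertion>'
           '</Extensions>' + SIG + '</Response>')

def absolute_path(root, target):
    """Return /Root/Child/... for target (ElementTree keeps no parent links)."""
    parents = {child: parent for parent in root.iter() for child in parent}
    parts, node = [], target
    while node is not None:
        parts.append(node.tag)
        node = parents.get(node)
    return "/" + "/".join(reversed(parts))

def signed_element(xml_text):
    """Return the referenced element, or raise if the structure is unexpected."""
    root = ET.fromstring(xml_text)
    refs = root.findall(f"./{DS}Signature/{DS}SignedInfo/{DS}Reference")
    if len(refs) != 1:
        raise ValueError("expected exactly one Reference at a fixed location")
    uri = refs[0].get("URI", "")
    if not uri.startswith("#"):
        raise ValueError("only same-document references are accepted")
    matches = [el for el in root.iter() if el.get("ID") == uri[1:]]
    if len(matches) != 1:
        raise ValueError("referenced ID is missing or not unique")
    if absolute_path(root, matches[0]) != EXPECTED_PATH:
        raise ValueError("referenced element is not at the expected path")
    if root.findall("./Assertion") != matches:
        raise ValueError("extra element at the expected path")
    return matches[0]

def lookup_by_name(xml_text):
    """The name-based lookup the text warns about: first element with that tag."""
    return next(ET.fromstring(xml_text).iter("Assertion"))
```

On the second sample the name-based lookup returns an element that no Reference covers, while `signed_element` rejects the document.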
The creation of XML Signatures is substantially more complex than the creation of an ordinary digital signature because a given XML Document (an "", in common usage among XML developers) may have more than one legal serialized representation. For example, whitespace inside an XML Element is not syntactically significant, so that <Elem > is syntactically identical to <Elem>.
Since the digital signature is created by using an
(typically ) to encrypt the results of running the serialized XML document through a
(typically ), a single-byte difference would cause the digital signature to vary.
Moreover, if an XML document is transferred from computer to computer, the
may be changed from CR to LF to CR LF, etc. A program that digests and validates an XML document may later render the XML document in a different way, e.g. adding excess space between attribute definitions with an element definition, or using relative (vs. absolute) URLs, or by reordering namespace definitions. Canonical XML is especially important when an XML Signature refers to a remote document, which may be rendered in time-varying ways by an errant remote server.
To avoid these problems and guarantee that logically-identical XML documents give identical digital signatures, an XML canonicalization transform (frequently abbreviated C14n) is employed when signing XML documents (for signing the SignedInfo, a canonicalization is mandatory). These algorithms guarantee that logically-identical documents produce exactly identical serialized representations.
Another complication arises because of the way that the default canonicalization algorithm handles namespace declarations; frequently a signed XML document needs to be embedded in another document; in this case the original canonicalization algorithm will not yield the same result as if the document is treated alone. For this reason, the so-called Exclusive Canonicalization, which serializes namespace declarations independently of the surrounding XML, was created.
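The effect of canonicalization on Reference Validation, as an added example that is not part of the original article: a digest over raw bytes breaks on harmless re-serialization, while a digest over the canonical form survives it and still catches a changed value. It uses Python's standard-library `canonicalize` (which implements C14N 2.0, not Exclusive Canonicalization) and SHA-256 as stand-ins for whatever the signature names; the documents and function names are constructed.

```python
import base64
import hashlib
import hmac
from xml.etree.ElementTree import canonicalize

# Constructed sample data. DOC_A is what the signer digested. DOC_B is the same
# logical document re-serialized (attribute order, quote style, extra spacing,
# a CR LF inside a tag, expanded empty element). DOC_C changes one value.
DOC_A = '<Order id="o1" currency="EUR"><Item sku="A-1" qty="2"/></Order>'
DOC_B = ("<Order  currency='EUR'\r\n  id='o1' >"
         "<Item qty='2' sku='A-1'></Item></Order>")
DOC_C = '<Order id="o1" currency="EUR"><Item sku="A-1" qty="20"/></Order>'

def b64_sha256(data: bytes) -> str:
    """Base64 of the SHA-256 digest, the form a DigestValue is carried in."""
    return base64.b64encode(hashlib.sha256(data).digest()).decode("ascii")

def raw_digest(xml_text: str) -> str:
    """Digest of the bytes exactly as serialized (no canonicalization)."""
    return b64_sha256(xml_text.encode("utf-8"))

def canonical_digest(xml_text: str) -> str:
    """Digest of the canonical serialization of the document."""
    return b64_sha256(canonicalize(xml_text).encode("utf-8"))

def reference_is_valid(xml_text: str, digest_value: str) -> bool:
    """Reference Validation: recompute the digest and compare to DigestValue."""
    return hmac.compare_digest(canonical_digest(xml_text), digest_value)

# The DigestValue the signer would have recorded for DOC_A.
DIGEST_VALUE = canonical_digest(DOC_A)

if __name__ == "__main__":
    print("canonical form:", canonicalize(DOC_B))
    print("raw digests equal:", raw_digest(DOC_A) == raw_digest(DOC_B))
    print("re-serialized copy validates:", reference_is_valid(DOC_B, DIGEST_VALUE))
    print("modified copy validates:", reference_is_valid(DOC_C, DIGEST_VALUE))
```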
XML Signature is more flexible than other forms of digital signatures such as
and , because it does not operate on , but on the , allowing to work on subsets of the data, having various ways to bind the signature and signed information, and perform transformations. Another core concept is canonicalization, that is to sign only the "essence", eliminating meaningless differences like whitespace and line endings.
There are criticisms directed at the architecture of XML security in general, and at the suitability of XML canonicalization in particular as a front end to signing and encrypting XML data due to its complexity, inherent processing requirement, and poor performance characteristics. The argument is that performing XML canonicalization causes excessive latency that is simply too much to overcome for transactional, performance sensitive applications.
These issues are being addressed in the .
Without proper policy and implementation the use of XML Dsig in SOAP and WS-Security can lead to vulnerabilities, such as XML signature wrapping.
Harassment ( or ) covers a wide range of behaviours of an offensive nature. It is commonly understood as behaviour which disturbs or upsets, and it is characteristically repetitive. In the legal sense, it is behaviour which appears to be threatening or disturbing.
refers to persistent and unwanted sexual advances, typically in the workplace, where the consequences of refusing are potentially very disadvantageous to the victim.
The word is based in English since circa 1618 as
from the French harassement, which was in turn already attested in 1572 meaning torment, annoyance, bother, trouble
and later as of 1609 was also referred to the condition of being exhausted, overtired. Of the French verb harasser itself there are the first records in a Latin to French translation of 1527 of ’
that was between the
both in the countries of the Greeks and the Romans and the neighbouring places where the translator writes harasser allegedly meaning harceler (to exhaust the enemy by repeated raids); and in the military chant Chanson du
of 1562, where the term is referred to a gaunt
(de poil fauveau, tant maigre et harassée: of fawn horsehair, so meagre and …) where it is supposed that the verb is used meaning overtired.
A hypothesis about the origin of the verb harasser is harace/harache, which was used in the 14th century in expressions like courre à la harache (to pursue) and prendre aucun par la harache (to take somebody under constraint). The , a German etymological dictionary of the French language () compares phonetically and syntactically both harace and harache to the interjection hare and haro by alleging a pejorative and augmentative form. The latter was an exclamation indicating distress and emergency (recorded since 1180) but is also reported later in 1529 in the expression crier haro sur (to arise indignation over somebody). hare 's use is already reported in 1204 as an order to finish public activities as fairs or markets and later (1377) still as command but referred to dogs. This dictionary suggests a relation of haro/hare with the old lower franconian *hara (here) (as by bringing a dog to heel).
While the pejorative of an exclamation and in particular of such an exclamation is theoretically possible for the first word (harace) and maybe phonetically plausible for harache, a semantic, syntactic and phonetic similarity of the verb harasser as used in the first popular attestation (the chant mentioned above) with the word haras should be kept in mind: Already in 1160 haras indicated a group of horses constrained together for the purpose of reproduction and in 1280 it also indicated the enclosure facility itself, where those horses are constrained. The origin itself of harass is thought to be the old Scandinavian h?rr with the Romanic suffix –as, which meant grey or dimmish horsehair. Controversial is the etymological relation to the Arabic word for horse whose roman
Although the French origin of the word harassment is beyond all question, in the
and those dictionaries basing on it a supposed Old French verb harer should be the origin of the French verb harasser, despite the fact that this verb cannot be found in French etymologic dictionaries like that of the  () or the  () (see also their corresponding websites as indicated in the interlinks); since the entry further alleges a derivation from hare, like in the mentioned German etymological dictionary of the French language a possible misprint of harer = har/ass/er = harasser is plausible or cannot be excluded. In those dictionaries the relationship with harassment were an interpretation of the interjection hare as to urge/set a dog on, despite the fact that it should indicate a shout to come and not to go (hare = hara = here; cf. above). The
prudently indicates this origin only as possible.
Electronic harassment is the alleged use of
to harass a victim. Psychologists have identified evidence of ,
or other mental illnesses in online communities supporting those who claim to be targeted.
Landlord harassment is the willing creation, by a
or his agents, of conditions that are uncomfortable for one or more
in order to induce willing abandonment of a . Such a strategy is often sought because it avoids costly legal
and potential problems with . This kind of activity is common in regions where
laws exist, but which do not allow the direct extension of rent-controlled prices from one tenancy to the subsequent tenancy, thus allowing landlords to set higher prices. Landlord harassment carries specific legal penalties in some , but enforcement can be very difficult or even impossible in many circumstances. However, when a
is committed in the process and motives similar to those described above are subsequently proven in court, then those motives may be considered an
in many jurisdictions, thus subjecting the offender(s) to a stiffer .
Mobile harassment refers to the sending any type of , , , , or
that threatens, torments, humiliates the recipient of these messages. It is a form of .
Harassment directs obscenities and derogatory comments at specific individuals focusing for example on race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties. This may also include stealing photos of the victim and their families, doctoring these photos in offensive ways, and posting them on social media with the aim of causing emotional distress.
Unfair treatment conducted by law officials, including but not limited to , , , , and racial, ethnic, religious, gender/sexual, age, or other forms of .
Power harassment is harassment or unwelcome attention of a political nature, often occurring in the environment of a workplace including hospitals, schools and universities. It includes a range of behavior from mild irritation and annoyances to serious
which can even involve forced activity beyond the boundaries of the job description. Power harassment is considered a form of illegal
and is a form of political and , and .
This is humiliating, intimidating or abusive behaviour which is often difficult to detect, leaving no evidence other than victim reports or complaints. This characteristically lowers a person’s self-esteem or causes them torment. This can take the form of verbal comments, engineered episodes of intimidation, aggressive actions or repeated gestures. Falling into this category is workplace harassment by individuals or groups.
Community-based Harassment — stalking by a group against an individual using repeated distractions that the individual is sensitized to. Media reports of large numbers of coordinated groups
individual stalking victims, including a press interview given by an active duty police lieutenant, have described this community-based harassment as gang stalking.
The targeting of an individual because of their race or ethnicity. The harassment may include words, deeds, and actions that are specifically designed to make the target feel degraded due to their race or ethnicity.
Notice to passengers posted behind bus driver, in Hebrew: "Every passenger may take any seat they choose (excepting places marked for disabled persons); harassing a passenger in this regard may be a criminal offence".
Verbal, psychological or physical harassment is used against targets because they choose to practice a specific religion. Religious harassment can also include forced and involuntary conversions.
Harassment that can happen anywhere but is most common in the workplace, and schools. It involves unwanted and unwelcome words, deeds, actions, gestures, symbols, or behaviours of a sexual nature that make the target feel uncomfortable. Gender and sexual orientation harassment fall into this family. Involving , "gay" or "homo" is a common insult falling into this category. The main focus of groups working against sexual harassment is protection for women, but protection for men is coming to light in recent years.
Workplace harassment is:
the offensive, belittling or threatening behavior directed at an individual worker or a group of workers.
the odious dealing through pitiless, malevolent, hurtful or embarrassing attempts to
an individual worker or groups of workers.
Recently, matters of
harassment have gained interest among practitioners and researchers as it is becoming one of the most sensitive areas of effective workplace management. In
countries, it attracted lots of attention from researchers and governments since the 1980s, because a significant source of work stress is associated with aggressive behaviors in the workplace. Third world countries are far behind oriental countries in that there are limited efforts to investigate the questions on workplace harassment. It is almost unseen and the executive leaders (managers) are almost reluctant or unconscious about it in the third world countries. Under
laws around the world, workplace harassment and
are identified as being core psychosocial hazards.
In 1964, the United States Congress passed Title VII of the
which prohibited discrimination at work on the basis of race, color, religion, national origin and sex. This later became the legal basis for early harassment law. The practice of developing workplace guidelines prohibiting harassment was pioneered in 1969, when the U.S. Department of Defense drafted a Human Goals Charter, establishing a policy of equal respect for both sexes. In , 477
(1986): the U.S. Supreme Court recognized harassment suits against employers for promoting a sexually hostile work environment. In 2006, U.S.A. President
signed a law which prohibited the transmission of annoying messages over the
(aka ) without disclosing the sender's true identity.
The LAD prohibits employers from discriminating in any job-related action, including recruitment, interviewing, hiring, promotions, discharge, compensation and the terms, conditions and privileges of employment on the basis of any of the law's specified protected categories. These protected categories are race, creed, color, national origin, nationality, ancestry, age, sex (including pregnancy and sexual harassment), marital status, domestic partnership status, affectional or sexual orientation, atypical hereditary cellular or blood trait, genetic information, liability for military service, or mental or physical disability, including AIDS and HIV related illnesses. The LAD prohibits intentional discrimination based on any of these characteristics. Intentional discrimination may take the form of differential treatment or statements and conduct that reflect discriminatory animus or bias.
In 1984, the
prohibited sexual harassment in workplaces under federal jurisdiction.
In the UK, there are a number of laws protecting people from harassment, including the