Share via

Non-Repudiation

  • Article

Non-Repudiation allows services and applications to ascertain the integrity and origin of information transmitted and received. The CCF environment supports implementation of non-repudiation for clients at various levels:

  • Communication Transport Security: In cases where transport that supports client authentication is used, the incoming messages ascertain the user identity. CCF allows implementing server-side code that logs the information with the incoming message securely. It is critical to assess that the logging process and the log is not subjected to tampering to maintain non-repudiation. The default CCF transport configuration uses Kerberos authentication and thus guarantees non repudiation.
  • DCS and Message Security: When using DCS and message security, you can enable signing a message in the protection policy. This ensures that messages are transferred with the user signature, so that the message receiver can trust the message origin.
  • Custom Configure Communication Binding: The most advanced technique is to custom configure the communication binding between the client and the server in order to allow low level usage of the WCF capabilities. This includes, broadly, the usage of certificate authentication on the client, which can be interfaced with smart card certificates and biometric devices for maximum security.