| XML technology becomes popular on data storage and data exchange in a TCP/IP network. The security of XML data is being paid more attention. XML security integrates XML with the technology of data security such as the management of data encryption, digital signature, public key, right control, access control and authentication. It can ensure the security for XML data and all the data in the network.The technologies of traditional cryptography and XML security are analyzed, especially on XML Encryption, XML digital signature, the management of public key, key generation and exchange. After that a design of data security based on the technology of data encryption and XML security is presented. The design includes many new technologies in data exchange and data security, they are: Converting non-XML data to XML in order to apply the XML security technology to more data types; Using the technology of XKMS and PKI to manage the public key in order to overcome the shortage of complexity and difficulty in using PKI and improve the efficiency of the public key management; Using Diffe-Hellman algorithm combining with the public key technology to exchange secret key in order to furthest increase the security of the key; Using the technology of XML digital signature algorithm to ensure the integrity, message authentication and signer authentication of the data; Using the technology of XML encryption to ensure confidentiality of the data; Defining delegable access rules on the structure and content of the XML documents to provide fine-grained access control.According to the XML security framework, a XML security library is designed and implemented. The library provides support for XML Digital Signature and XML Encryption. It is based on the third part XSLT/XML library and can use practically any crypto library. |
PDF Full Text Request