Based On Xml Engine Security Gateway

XML will be found everywhere in the application of WEB in the future. The network security has also gradually become an unignorable problem due to its important role of its application in the network. In order to ensure the safety of the interactive network, people are required to provide some important functions, such as encryption and decryption of important information, identity certification, content filtering, etc. The management and operation of many fields like E-commerce, e-government, e-banking, stocks, futures, customs, and national defense have changed or are changing from traditional way to electronicalization and informationalization. The higher level of electronicalization and informationization, the more urgent and important the requirement of information safety. However, the traditional firewalls, security gateways, routers, etc. are filtering of packet based on the network layer. When the content, whose transmission is described by XML with the carrier of SOAP protocol, pass through the port 80, 433, the existing firewall and security gateway is unable to have it filtered. It also results in attacks from some commands like malicious commands.XML security is the application of "security" to XML structure, which means application of data confidentiality, authentication and access control to XML structure. On account of considering the design of security of XML message, resolving the problems of information security and its performance in the service-oriented network professionally, providing security management of business information for enterprises and organizations and ensuring the security of XML data, there is greatly urgent demand of protective products based on XML.This article puts forward the system of Security Gateway Based on XML-Engine, which takes XML-engine middleware as the core component, combines with ordinary gateway functions and implements the functions such as IP filtering, protocol analysis, XML semantic filtering, XML keyword filtering, XML signature/verification, XML encryption and decryption, etc.XSG systems belong to the security products. It deals with XML documents with fine-grained at tag level. This article has the following three points Innovations:(1) Using an improved Bayesian algorithm text semantic filtering based on coefficient, according to the choosen threshold, recall and precision ratio is up to more than 99%, so it effectively controls the circulation of unhealthy text and virus code. (2) it uses two-dimensional hashtable pattern matching algorithm in keyword filtering technology based on wordlength, exponentially improve the search speed than the traditional KMP algorithm, greatly shortens the text-processing time, and improves the system efficiency. (3)The entire system uses a dynamic pluggable and configurable model, puts forward the concept of functional element containers and program implementation, which is conducive to the system's features integration, system upgrades and third-party components'integration into this system.In this article, each system function block is described by its implementation of the basic theory, algorithm description and the main API. The article's thinking structure is to analyze the theoretical basis of system implementation and the basic algorithm of function implementation firstly, and then with comparison, analysis and research, it also proposes the improvement of algorithms in accordance with the system of Security Gateway Based on XML-Engine. This article illustrates the system implementation as follows. Firstly, the article analyzes the core component XML-engine middleware. Secondly, it analyzes system structure, system process and its specific implementation. Thirdly, combining with test applications of research - a set of Web Service-based e-malls system and a specialized tool SOAP-Client for sending SOAP package to carry out the system test, the article describes how functional test and performance test are implemented in the system. Lastly, the article proposes some expectations of the system with two points: one is optimization of the algorithm to improve system's performance; the other is to set up a credible platform of implementation.A lot of work has been done in this field both at home and abroad at present, but there are few applicative products developed according to the related research. Security Gateway Based on XML-Engine with independent intellectual property, which is launched in the trend of SOA application, is bound to have large market occupancy, especially in the important sectors such as taxation, commerce, finance, stock and futures transaction, national defense, etc.