XML security: Implement security layers, Part 1

    Date: 24 Oct 2003
    Posted By: Anthony Pell
    XML's popularity as a format for exchanging information over the Internet continues to grow, and one of the key issues associated with information exchange is security. No information exchange format is complete without a mechanism for ensuring the security and reliability of the information. This is the first in a series of articles by Manish Verma that will discuss the technologies that play a crucial role in securing XML. This article focuses on the basic plumbing technologies: it defines security in an XML context, covers XML canonicalization and public key infrastructure (PKI), and provides a step-by-step guide to generating keys. Part 2 will discuss XML encryption and XML signature. This series will give you a practical grasp of the basic technology used for securing XML messages.

    For the purposes of this article, the term security covers the round-trip protection of XML between a client and a final destination through a variable number of intermediaries. Please note that different parts of a single XML message may have different final destinations. Different parts of the payload are secured such that only the intended set of recipients are able to read them while they remain encrypted to all other intermediaries.

    The basic unit of granularity for securing XML is an element. Encryption granularity can be further refined by specifying whether the encryption is of type element or content. Element encryption encrypts the entire element, including attributes, and replaces it with an EncryptedData element. Content encryption essentially means that only the child nodes of the element are encrypted and replaced with an EncryptedData element.
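The difference between the two granularities shows up in what an intermediary can still read. The following is an added example, not code from the original article: it parses a constructed sample document and reports, for each EncryptedData element, whether the element's name and attributes remain in the clear. The function name `exposure_report` and the sample order document are assumptions; the `Type` URIs and namespace are those defined by the W3C XML Encryption specification.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"  # XML Encryption namespace

# Constructed sample: <Payment> uses content encryption, a second element
# uses element encryption. The CipherValue text is a placeholder, not ciphertext.
SAMPLE = """\
<Order id="1001">
  <Customer>Example Corp</Customer>
  <Payment currency="USD" method="card">
    <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
                   Type="http://www.w3.org/2001/04/xmlenc#Content">
      <CipherData><CipherValue>PLACEHOLDER</CipherValue></CipherData>
    </EncryptedData>
  </Payment>
  <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
                 Type="http://www.w3.org/2001/04/xmlenc#Element">
    <CipherData><CipherValue>PLACEHOLDER</CipherValue></CipherData>
  </EncryptedData>
</Order>
"""

def exposure_report(xml_text):
    """For each EncryptedData, report its granularity and what stays in clear."""
    root = ET.fromstring(xml_text)
    # ElementTree has no parent pointers, so build a child -> parent map.
    parent_of = {child: parent for parent in root.iter() for child in parent}
    report = []
    for enc in root.iter(f"{{{XENC}}}EncryptedData"):
        # Type is optional; take the fragment after '#' (Element or Content).
        kind = enc.get("Type", "").rpartition("#")[2] or "unspecified"
        entry = {"granularity": kind, "visible_tag": None, "visible_attrs": {}}
        parent = parent_of.get(enc)
        if kind == "Content" and parent is not None:
            # Only the children were replaced: the wrapping element's name
            # and attributes are still readable by every intermediary.
            entry["visible_tag"] = parent.tag
            entry["visible_attrs"] = dict(parent.attrib)
        # For "Element", the name and attributes are inside the ciphertext.
        report.append(entry)
    return report

if __name__ == "__main__":
    for item in exposure_report(SAMPLE):
        print(item)
```

With content encryption the `currency` and `method` attributes of `Payment` stay visible, so anything sensitive carried in attributes calls for element encryption instead.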
