An operational model and language support for securing XML documents

Abstract

In this paper we present an operational model for XML document security. Given an XML document X, the operational model defines the process of encrypting data and embedding digital signatures which sign the data in X. The secured XML document X s includes encrypted and unencrypted data of X, and embedded digital signatures. The operational model also defines the processes of decrypting X s and verifying the digital signatures embedded in X s. It offers a security mechanism which integrates element-wise encryption and temporal-based element-wise digital signatures. Our operational model provides element-wise encryption that is more general than previous forms of XML security, by including element encryption, content encryption, and two types of attribute encryption. Moreover, the model of temporal-based element-wise digital signature is novel. Based on the generalized operational model, we define a new language—called document security language (DSL)—to support it. The syntax of the encrypted document and the corresponding transformation language are presented. For automation reasons, the DSL includes a definition for the “standard DSL algorithm downloading and linking protocol” which fulfills automatic algorithm download and linking requirements in the operational model. This makes the DSL based securing tool configurable. Two different implementations further demonstrate its practicability: one uses the Java programming language to implement the securing tool, whilst the other employs the extension mechanism of XSLT 1.0 to implement the encryption and decryption transforms. The two implementations are available free on the Internet. Experimental results obtained when using our securing tool demonstrate the automation, efficiency, and practicability of the proposal operational model. In addition, we have developed a DSL editor with a friendly graphic user interface to make it easier for users to generate DSL documents.