XML Signatures and Encryption

XML Signatures and Encryption

Kannan Balasubramanian (Mepco Schlenk Engineering College, India)
Copyright: © 2016 |Pages: 22
DOI: 10.4018/978-1-5225-0273-9.ch017
OnDemand PDF Download:
No Current Special Offers


Many XML uses today need security, particularly in terms of authentication and confidentiality. Consider commercial transactions. It should be clear why purchase orders, payments, delivery receipts, contracts, and the like need authentication. In many cases, particularly when the transaction involves multiple parties, different parts of a message need different kinds of authentication for different recipients. For example, the payment portion of an order from a customer to a merchant could be extracted and sent to a payment clearing system and then to the customer's bank. Likewise, court filings, press releases, and even personal messages need authentication as a protection against forgery. XML Digital Signature, which provides authentication is a full Recommendation in the W3C and a Draft Standard in the IETF. XML Encryption which provides confidentiality, and Exclusive XML Canonicalization are W3C Candidate Recommendations.
Chapter Preview

Defining Xml

It is meant to be understandable to a human reader (a human reader who happens to be a developer, that is). If you have worked with HTML, XML will appear rather familiar as both HTML and XML are derived in one way or another from Standard Generalized Markup Language (SGML) and are made up of common constructs: elements and attributes. But where HTML’s functionality focuses upon the presentation of information, XML focuses upon describing data in a way that is accessible universally.

XML is for structuring data in a text file. Many programs, such as word editors or spreadsheet applications, already structure data in files in both binary and text formats, but these formats tend to be proprietary. XML is a specification for formatting data in a text format that is easy to generate, is easy to read, is application- and platform-independent, and is very extensible. XML is truly a family of technologies. XML 1.0 defines the tag and attribute syntax of XML; other specifications that extend the usefulness of XML include Link, Pointer, Fragments, cascading style sheets (CSS), Extensible Style sheet Language (XSL), and more. Some of these technologies are already in use, and others are specifications still being drafted.

Ten goals were defined by the creators of XML, which give definite direction as to how XML is to be used.

  • 1.

    XML shall be straightforwardly usable over the Internet.

  • 2.

    XML shall support a wide variety of applications.

  • 3.

    XML shall be compatible with SGML.

  • 4.

    It shall be easy to write programs that process XML documents.

  • 5.

    The number of optional features in XML is to be kept to the absolute minimum, ideally zero.

  • 6.

    XML documents should be human-legible and reasonably clear.

  • 7.

    The XML design should be prepared quickly.

  • 8.

    The design of XML shall be formal and concise.

  • 9.

    XML documents shall be easy to create.

  • 10.

    Terseness in XML markup is of minimal importance.

Complete Chapter List

Search this Book: