Skip to the main content

Journal of Information and Organizational Sciences, Vol. 27 No. 1, 2003.

Original scientific paper

ADDING SECURITY INFORMATION IN XML DOCUMENTS

Ana I. González-Tablas ; Computer Science Department, Carlos III University of Madrid, Leganés, Spain
Elena Castro ; Computer Science Department, Carlos III University of Madrid, Leganés, Spain
Arturo Ribagorda ; Computer Science Department, Carlos III University of Madrid, Leganés, Spain
Manuel Velasco ; Computer Science Department, Carlos III University of Madrid, Leganés, Spain

Full text: english pdf 221 Kb

page 1-14

downloads: 500

cite

Abstract

XML's popularity in the last few years has made this mark-up language a de facto standard for the web data interchange. DTD's (or Schemas) definition associated with XML documents introduces data modelling in XML's world, allowing the specification of a hierarchy of concepts or elements that constitute the XML document. Taking into account that the purpose of these data models is the highly structured information exchange among several systems, it is required to incorporate security mechanisms that allow a secure interchange. The World Wide Web Consortium (W3C) is working in the recommendations of several XML security standards. Between them, we emphasize in the XML-Signature Syntax and Processing, which allows the insertion and information processing of authentication and digital signature. Once the XML security standards have been approved as recommendations, the following step will be to include them completely or just certain parts in future or new versions of the DTD's or existing Schemas, but at present many DTD’s exists that do not consider these security components within their definition. This is the case of the NewsML DTD, standard for the press news electronic interchange. The XML security standards are characterized by high flexibility and extensibility, because of that it is necessary to make an exhaustive study of the domain where it is intended to be applied and define a specific application upon the domain DTD or Schema. What we propose in this paper is a way to include information of authentication and digital signature in the NewsML DTD. In order to indicate a possible application, we carry on a joint study of XML-Signature Syntax and Processing and NewsML, analysing in what elements and how authentication and digital signature might be included.

Keywords

authentication; digital signature; DTD; NewsML; XML; XMLDSig

Hrčak ID:

78361

URI

https://hrcak.srce.hr/78361

Publication date:

13.6.2003.

Visits: 918 *