gerard-osborne
OUTLINE
What is XML Encryption?
Approaches to XML Encryption
How Encrypted Data is Stored?
Types of XML Encryption
Benefits of XML Cryptography
XML ENCRYPTION
W3C standard for encrypting XML elements.
Specification that defines how to encrypt data
Provides end-to-end security for applications that require secure exchange of structured data.
APPROACHES TO XML ENCRYPTION
Encrypt the XML using symmetric encryption only
Encrypt the XML using a combination of asymmetric and symmetric encryption
Encrypt the XML using an X.509 certificate
HOW ENCRYPTED DATA IS STORED?
Two approaches:
Whole element is replaced with an element named <EncryptedData>
Only the data in the element is replaced and its name remains readable in the document
ASYMMETRIC XML ENCRYPTION PROCESS
Select an element in an XML document (selecting the root will encrypt the whole document).
Encrypt the element using a symmetric encryption key, known as the session key.
Encrypt the session key using asymmetric encryption (the public key is used).
Create an EncryptedData element which will contain the encrypted data and the encrypted session key.
Replace the original element with the EncryptedData element.
ASYMMETRIC XML DECRYPTION PROCESS
Select the EncryptedData element in an XML document.
Decrypt the session key using an asymmetric key (the private key is used).
Decrypt the cipher data using the decrypted symmetric session key.
Replace the EncryptedData element with the unencrypted element.
TYPES OF XML ENCRYPTION
Consider the following example:
<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <CreditCard Limit='5,000' Currency='USD'>
    <Number>4019 2445 0277 5567</Number>
    <Issuer>Example Bank</Issuer>
    <Expiration>04/02</Expiration>
  </CreditCard>
</PaymentInfo>
ENCRYPTING AN XML ELEMENT
<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element' xmlns='http://www.w3.org/2001/04/xmlenc#'>
    <CipherData>
      <CipherValue>A23B45C56</CipherValue>
    </CipherData>
  </EncryptedData>
</PaymentInfo>
ENCRYPTING XML ELEMENT CONTENT
<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <CreditCard Limit='5,000' Currency='USD'>
    <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Content'>
      <CipherData>
        <CipherValue>A23B45C56</CipherValue>
      </CipherData>
    </EncryptedData>
  </CreditCard>
</PaymentInfo>
ENCRYPTING XML ELEMENT CONTENT (CHARACTER DATA)
<?xml version='1.0'?>
<PaymentInfo xmlns='http://example.org/paymentv2'>
  <Name>John Smith</Name>
  <CreditCard Limit='5,000' Currency='USD'>
    <Number>
      <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Content'>
        <CipherData>
          <CipherValue>A23B45C56</CipherValue>
        </CipherData>
      </EncryptedData>
    </Number>
    <Issuer>Example Bank</Issuer>
    <Expiration>04/02</Expiration>
  </CreditCard>
</PaymentInfo>
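The three encryption types above differ in how much of the document stays readable around the ciphertext. The following added example (not part of the original slides) audits constructed copies of those documents with Python's standard library and reports which element names remain in the clear and, for each EncryptedData, its Type, its containing element and that element's cleartext attributes. The names audit, local, SAMPLES and the result keys are chosen here for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
KINDS = {XENC + "Element": "element", XENC + "Content": "content"}

# Constructed samples modelled on the three encrypted documents above.
# These strings are trusted; parse untrusted XML with a hardened parser.
ENC = ("<EncryptedData xmlns='" + XENC + "' Type='" + XENC + "{kind}'>"
       "<CipherData><CipherValue>A23B45C56</CipherValue></CipherData>"
       "</EncryptedData>")
HEAD = "<PaymentInfo xmlns='http://example.org/paymentv2'><Name>John Smith</Name>"
CARD = "<CreditCard Limit='5,000' Currency='USD'>"
SAMPLES = {
    "element": HEAD + ENC.format(kind="Element") + "</PaymentInfo>",
    "content": HEAD + CARD + ENC.format(kind="Content")
               + "</CreditCard></PaymentInfo>",
    "chardata": HEAD + CARD + "<Number>" + ENC.format(kind="Content")
                + "</Number><Issuer>Example Bank</Issuer></CreditCard></PaymentInfo>",
}


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def audit(xml_text):
    """Return what stays readable and how each EncryptedData is embedded."""
    root = ET.fromstring(xml_text)
    parent_of = {child: parent for parent in root.iter() for child in parent}
    in_xenc = "{%s}" % XENC
    clear = [local(e.tag) for e in root.iter() if not e.tag.startswith(in_xenc)]
    encrypted = []
    for enc in root.iter(in_xenc + "EncryptedData"):
        cipher = enc.find(in_xenc + "CipherData")
        parent = parent_of.get(enc)  # None: the root itself was encrypted
        encrypted.append({
            "kind": KINDS.get(enc.get("Type"), "unknown"),
            # CipherData must hold one CipherValue or CipherReference child
            "cipher_data_ok": cipher is not None and len(cipher) == 1,
            "container": local(parent.tag) if parent is not None else None,
            "container_attrs": dict(parent.attrib) if parent is not None else {},
        })
    return {"clear_elements": clear, "encrypted": encrypted}


if __name__ == "__main__":
    for name, doc in SAMPLES.items():
        print(name, audit(doc))
```

With content encryption the CreditCard element name and its Limit and Currency attributes are still visible to anyone who can read the document, which is the trade-off to weigh when choosing between the two storage approaches.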
BENEFITS OF XML CRYPTOGRAPHY
Encrypted data is maintained.
Session can be secured on the document level and shared between multiple parties.
Sensitive data is easily interchanged between applications.