
What is XML Encryption

A W3C Standard Recommendation, http://www.w3c.org/Encryption/2001/. A process for encrypting data and representing the result in XML. This data can be arbitrary data, including XML documents, individual elements, or content.

cyndi

Presentation Transcript


  1. What is XML Encryption
     • A W3C Standard Recommendation, http://www.w3c.org/Encryption/2001/
     • A process for encrypting data and representing the result in XML
     • This data can be arbitrary data, including XML documents, individual elements, or content.
     • Uses a symmetric cipher for data protection (DESede, AES)
     • Uses RSA for key protection

  2. Examples: Element

     Before encryption:

        <?xml version='1.0'?>
        <PaymentInfo xmlns='http://example.org/paymentv2'>
          <Name>John Smith</Name>
          <CreditCard Limit='5,000' Currency='USD'>
            <Number>4019 2445 0277 5567</Number>
            <Issuer>Example Bank</Issuer>
            <Expiration>04/02</Expiration>
          </CreditCard>
        </PaymentInfo>

     After encrypting the CreditCard element:

        <?xml version='1.0'?>
        <PaymentInfo xmlns='http://example.org/paymentv2'>
          <Name>John Smith</Name>
          <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element'
                         xmlns='http://www.w3.org/2001/04/xmlenc#'>
            <CipherData>
              <CipherValue>A23B45C56A23B45C56</CipherValue>
            </CipherData>
          </EncryptedData>
        </PaymentInfo>

  3. Examples: Element content

     Before encryption:

        <?xml version='1.0'?>
        <PaymentInfo xmlns='http://example.org/paymentv2'>
          <Name>John Smith</Name>
          <CreditCard Limit='5,000' Currency='USD'>
            <Number>4019 2445 0277 5567</Number>
            <Issuer>Example Bank</Issuer>
            <Expiration>04/02</Expiration>
          </CreditCard>
        </PaymentInfo>

     After encrypting the content of the CreditCard element:

        <?xml version='1.0'?>
        <PaymentInfo xmlns='http://example.org/paymentv2'>
          <Name>John Smith</Name>
          <CreditCard Limit='5,000' Currency='USD'>
            <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
                           Type='http://www.w3.org/2001/04/xmlenc#Content'>
              <CipherData>
                <CipherValue>A23B45C56</CipherValue>
              </CipherData>
            </EncryptedData>
          </CreditCard>
        </PaymentInfo>

  4. Examples: cdata content

     Before encryption:

        <?xml version='1.0'?>
        <PaymentInfo xmlns='http://example.org/paymentv2'>
          <Name>John Smith</Name>
          <CreditCard Limit='5,000' Currency='USD'>
            <Number>4019 2445 0277 5567</Number>
            <Issuer>Example Bank</Issuer>
            <Expiration>04/02</Expiration>
          </CreditCard>
        </PaymentInfo>

     After encrypting the character data of the Number element:

        <?xml version='1.0'?>
        <PaymentInfo xmlns='http://example.org/paymentv2'>
          <Name>John Smith</Name>
          <CreditCard Limit='5,000' Currency='USD'>
            <Number>
              <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
                             Type='http://www.w3.org/2001/04/xmlenc#Content'>
                <CipherData>
                  <CipherValue>A23B45C56</CipherValue>
                </CipherData>
              </EncryptedData>
            </Number>
            <Issuer>Example Bank</Issuer>
            <Expiration>04/02</Expiration>
          </CreditCard>
        </PaymentInfo>

  5. Products and solutions: Commercial Java products
     • KeyTools XML, Baltimore Technologies
        • XML Signature & XML Encryption
        • much, much more
     • XML Security Suite, IBM Corp.
        • XML Signature & XML Encryption
        • XML Access Control Language
     • Phaos XML Security Suite, Phaos Tech.
        • XML Signature & XML Encryption
        • SAML

  6. Products and solutions: Open Source
     • XML Security Library, MIT
        • http://www.aleksey.com/xmlsec/
        • XML Signature & XML Encryption
        • C Library using OpenSSL
     • XML Security, Apache XML Project.
        • http://xml.apache.org/security/
        • XML Signature
        • Partly XML Encryption (beta)
        • Java

  7. Products and solutions: Our solution
     • XML Encryption
        • Using Sun JCE and JCA
        • Using JDOM as XML DOM toolkit
        • Implements most required features of the W3C Recommendation
        • Keys are protected with password-based encryption (PKCS #5)
        • Does not support the encrypted key feature; the user must have the correct key.

  8. Overview
     [Architecture diagram. Components shown: XMLEncryptionDemo, KeyManager, XMLSecurityEngine, XMLEncryptionEngine, XMLSignatureEngine, XMLHandler, XMLEncryption, EncryptedData, JCE]

  9. Code Examples: Our solution

     • Encryption of an XML element

        // Encrypt the whole element and swap it for the resulting EncryptedData element
        XMLEncryption encrypter = new XMLEncryption(plaintextElement);
        encrypter.encrypt(key);
        XMLHandler.replaceElement(plaintextElement,
                                  encrypter.getElement());

     • Encryption of element content

        // Encrypt only the children; the element's own tag and attributes stay in the clear
        XMLEncryption encrypter =
            new XMLEncryption(plaintextElement.getContent());
        encrypter.encrypt(key);
        XMLHandler.replaceContent(plaintextElement,
                                  encrypter.getElement());

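  10. Code Examples: Our solution

     • Decryption of an EncryptedData element

        XMLEncryption decrypter =
            new XMLEncryption(encryptedDataElement);
        decrypter.decrypt(key);
        // Exactly one of these is non-null, depending on whether
        // element content or a whole element was encrypted
        List content = decrypter.getContent();
        Element element = decrypter.getElement();
        if (content != null) {
            // Content was encrypted: restore the children of the parent element
            XMLHandler.replaceContent(encryptedDataElement.getParent(),
                                      content);
        } else if (element != null) {
            // A whole element was encrypted: put it back in place of EncryptedData
            XMLHandler.replaceElement(encryptedDataElement, element);
        }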
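
An added example, not code from the presentation: one way to perform the element encryption of slides 2 and 9 directly with the JCE, ending with the `EncryptedData` / `CipherData` / `CipherValue` structure shown in slide 2. It uses the JDK's built-in DOM instead of JDOM; the class name, the sample document, and the cipher choice (AES-GCM with the 12-byte IV prepended to the ciphertext, no `EncryptionMethod` element, as in the slides) are assumptions of this example.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class ElementEncryptionExample {                 // hypothetical class name
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    public static void main(String[] args) throws Exception {
        // Constructed sample input, modelled on the PaymentInfo document in the slides.
        String xml = "<PaymentInfo xmlns='http://example.org/paymentv2'><Name>John Smith</Name>"
            + "<CreditCard Limit='5,000'><Number>4019 2445 0277 5567</Number></CreditCard></PaymentInfo>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        Element card = (Element) doc.getElementsByTagNameNS("*", "CreditCard").item(0);
        // Type ...#Element: the plaintext is the serialized element, tags and attributes included.
        Transformer t = TransformerFactory.newInstance().newTransformer();
        t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
        StringWriter plain = new StringWriter();
        t.transform(new DOMSource(card), new StreamResult(plain));
        // Fresh AES key and random IV; the recipient must already hold the same key,
        // since no EncryptedKey is attached (assumption: cipher and key agreed out of band).
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain.toString().getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        // Build EncryptedData and put it where the plaintext element was.
        Element ed = doc.createElementNS(XENC, "EncryptedData");
        ed.setAttribute("Type", XENC + "Element");
        Node cd = ed.appendChild(doc.createElementNS(XENC, "CipherData"));
        cd.appendChild(doc.createElementNS(XENC, "CipherValue"))
          .setTextContent(Base64.getEncoder().encodeToString(out));
        card.getParentNode().replaceChild(ed, card);
        t.transform(new DOMSource(doc), new StreamResult(System.out));
    }
}
```

In the printed document `Name` is still readable while `CreditCard`, its `Limit` attribute and `Number` are gone; with the `#Content` type of slide 3, the `CreditCard` tag and its attributes would remain in the clear.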
