کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
494154 860949 2007 13 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
The design and implementation of an application program interface for securing XML documents
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
The design and implementation of an application program interface for securing XML documents
چکیده انگلیسی

The encryption and signature standards proposed by W3C specifying the format for encrypted XML documents are important advances towards XML security [Eastlake, Donald, Reagle, Joseph, Imamura, Takeshi, Dillaway, Blair, Simon, Ed, 2002. XML Encryption Syntax and Processing. W3C Recommendation 10 December 2002 , Eastlake, Donald, Reagle, Joseph, Solo, David, Bartel, Mark, Boyer, John, Fox, Barb, LaMacchia, Brian, Simon, Ed, 2002. XML-Signature Syntax and Processing W3C Recommendation, 12 February 2002. ]. Related works include the proposal of a specification language that allows a programmer to describe the security details of XML documents [Hwang, Gwan-Hwan, Chang, Tao-Ku, 2004. An operational model and language support for securing XML documents. Computers & Security 23(6), 498–529, Hwang, Gwan-Hwan, Chang, Tao-Ku, 2001. Document security language (DSL) and an efficient automatic securing tool for XML documents. International Conference on Internet Computing, Las Vegas, Nevada, USA, 24–28 June 2001, pp. 393–399]. Despite the success of these works, we consider them to be insufficient from the viewpoint of software engineering. In this paper, we employ some real examples to demonstrate that it is necessary to design an appropriate API for the securing system of subtree encryption for XML documents. The goal is to increase productivity and reduce the cost of maintaining this kind of software, for which we propose a document security language (DSL) API. We describe the implementation of the DSL API, and use experimental results to demonstrate its practicality.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Journal of Systems and Software - Volume 80, Issue 8, August 2007, Pages 1362–1374
نویسندگان
, ,