The design and implementation of an application program interface for securing XML documents

The encryption and signature standards proposed by W3C specifying the format for encrypted XML documents are important advances towards XML security [Eastlake, Donald, Reagle, Joseph, Imamura, Takeshi, Dillaway, Blair, Simon, Ed, 2002. XML Encryption Syntax and Processing. W3C Recommendation 10 December 2002 , Eastlake, Donald, Reagle, Joseph, Solo, David, Bartel, Mark, Boyer, John, Fox, Barb, LaMacchia, Brian, Simon, Ed, 2002. XML-Signature Syntax and Processing W3C Recommendation, 12 February 2002. ]. Related works include the proposal of a specification language that allows a programmer to describe the security details of XML documents [Hwang, Gwan-Hwan, Chang, Tao-Ku, 2004. An operational model and language support for securing XML documents. Computers & Security 23(6), 498–529, Hwang, Gwan-Hwan, Chang, Tao-Ku, 2001. Document security language (DSL) and an efficient automatic securing tool for XML documents. International Conference on Internet Computing, Las Vegas, Nevada, USA, 24–28 June 2001, pp. 393–399]. Despite the success of these works, we consider them to be insufficient from the viewpoint of software engineering. In this paper, we employ some real examples to demonstrate that it is necessary to design an appropriate API for the securing system of subtree encryption for XML documents. The goal is to increase productivity and reduce the cost of maintaining this kind of software, for which we propose a document security language (DSL) API. We describe the implementation of the DSL API, and use experimental results to demonstrate its practicality.