National Digital Library of Theses and Dissertations in Taiwan

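Graduate student: Chang Tao-Ku (張道顧)
Thesis title: The Operational Model for Securing XML Documents (XML文件安全操作模式之研究)
Advisor: Hwang Gwan-Hwan (黃冠寰)
Degree: Master's
Institution: National Chi Nan University
Department: Department of Information Management
Discipline: Computer Science
Field category: General Computer Science
Thesis type: Academic thesis
Year of publication: 2002
Graduation academic year: 90
Language: English
Keywords (translated from Chinese): Extensible Markup Language; security; element encryption; digital signature; Extensible Stylesheet Language Transformations; document security language
Keywords (English): XML; Security; Element-wise Encryption; Digital Signature; XSLT; DSL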
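(Translated from the Chinese abstract) In this thesis, we propose an operational model and architecture to support an efficient and automated encryption security mechanism for XML documents. Given an XML document X, the operational model first defines a procedure for encryption and digital signing; the encrypted XML document Xs contains encrypted data, unencrypted data, and digital signature information. Next, the operational model defines the procedure for decryption and for checking digital signatures. The operational model provides a security mechanism that integrates element-level encryption with element-level digital signatures. Under this operational model, we define a new language named DSL, which can specify (1) how to encrypt and digitally sign an XML document and (2) how to decrypt an XML document and verify its digital signatures. The syntax of the encrypted XML document and the syntax of the digital signature are also compared with [25,26] in this thesis. For efficiency and automation, DSL defines the “Standard DSL algorithm downloading and linking protocol” to work with the operational model's automatic algorithm download mechanism. An architecture consisting of an algorithm container, algorithm provider, key provider, and key manager is also proposed; it is developed to support the securing tool in carrying out encryption, decryption, signing, and signature verification. In addition, we designed a DSL editor with a graphical interface so that users can edit DSL documents more conveniently and quickly, and we also ran encryption performance experiments on the securing tool.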

In this paper, we present an operational model and its infrastructure to support an efficient and automatic environment for securing XML documents. Given an XML document X, the operational model first defines the process of encrypting data and embedding digital signatures that sign the data in X. The secured XML document Xs includes the encrypted and unencrypted data of X and the digital signatures. Second, the operational model defines the process of decrypting Xs and verifying the digital signatures in Xs. The operational model offers a security mechanism that integrates element-wise encryption and temporal-based element-wise digital signatures. Based on the generalized operational model, we define a new language, denoted as Document Security Language (DSL). The DSL can specify (1) how to encrypt and embed digital signatures in XML documents, and (2) how to decrypt XML documents and verify their digital signatures. The syntax of the encrypted XML documents and the embedded digital signatures is presented and compared with [25,26]. For efficiency and automation, the DSL defines the “Standard DSL algorithm downloading and linking protocol (DDL protocol)”, which fulfills the automatic algorithm download and linking requirement in the operational model. An architecture containing an algorithm container, algorithm provider, key provider, and key manager is also proposed. It is developed to support the securing tool, which carries out encryption, decryption, and the embedding and verifying of signatures. In addition, we have developed a DSL editor with a friendly graphical user interface to help users generate DSL documents. Experiments are conducted based on the tool we developed for the operational model.

Contents
Contents
Figure Contents
Table Contents
Abstract
Chinese Abstract
1 Introduction
2 Related Works
2.1. XML Overview
2.1.1. XML Development Goal
2.1.2. XML and HTML
2.1.3. XML and SGML
2.1.4. XML and XSLT
2.1.5. XML Related Specification
2.2. XML Security
3 XML, DSL, and the DSL Securing Tool
4 Syntax of DSL
4.1. The Key Definition Section
4.2. The Algorithm Definition Section
4.3. The Security Pattern Section
4.4. The Transformation Description Section
4.5. The Digital Signature Definition Section
5 Syntax of Encrypted XML Document and DSL Document for Decryption
5.1. The Encrypted XML Document
5.2. The DSL Document for Decryption
6 The Standard DSL Algorithm Downloading and Linking Protocol
7 Implementation and Experiments
7.1. Implementation of DSL securing tool
7.1.1. Implementation of Algorithm Object and Save Key Value
7.1.2. How to get algorithm object and key file
7.2. Performance Evaluation
7.3. DSL editor
8 Conclusion
References
Appendix A: The BNF and Extended BNF Representations
Appendix B: Codes Examples for DDL Protocol’s Implementation of Algorithms
Appendix C: XML Document of transactions.xml and DSL Document of security.dsl
Appendix D: Cryptographic Overview
Appendix E: User’s manual of DSL security tool
Figure Contents
Figure 1: Element-wise encryption
Figure 2: The digital signature
Figure 3: Concept of XSLT
Figure 4: The operational model for securing XML documents
Figure 5: The organization of the DSL securing tool
Figure 6: The architecture of a DSL document
Figure 7: The architecture of the encrypted and signed XML document
Figure 8: The Java interface GeneralSecurityInterface
Figure 9: The Java interface GeneralSignatureInterface
Figure 10: The Java interface GeneralDigestInterface
Figure 11: The architecture of the implemented DSL securing tool
Figure 12: The flow chart of securing tool
Figure 13: The flow chart of encryption process
Figure 14: The flow chart of parse XML and encrypt target elements process
Figure 15: The flow chart of digital signature process
Figure 16: The flow chart of parse XML and select target elements process
Figure 17: The operation of a DSL editor
Figure 18: DSL editor: Input the file name of the target XML document
Figure 19: DSL editor: Choose an element and construct its security pattern
Figure 20: DSL editor: Choose an element and construct its security pattern
Figure 21: DSL editor: Choose an element and specify its security pattern
Figure 22: Creating And Testing A Digital Signature
Table Contents
Table 1: The Features Comparison between the Encryption Syntax of DSL, SSML [9], [25], and [26]
Table 2: The average time of loading key files (in seconds)
Table 3: The average time of loading algorithm objects
Table 5: The average time of template matching
Table 6: The time of encrypting some elements in XML document
Table 7: Description of XML, XSL and DSL editors

1. Extensible Markup Language (XML) 1.0 (Second Edition). W3C Recommendation. T. Bray, E. Maler, J. Paoli, C. M. Sperberg-McQueen. October 2000.
2. Hypertext Transfer Protocol -- HTTP/1.1. J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners-Lee. June 1999. http://www.ietf.org/rfc/rfc2616.txt.
3. ISO (International Organization for Standardization). ISO 8879:1986(E). Information processing -- Text and Office Systems -- Standard Generalized Markup Language (SGML). First edition -- 1986-10-15. [Geneva]: International Organization for Standardization, 1986.
4. XML Linking Language (XLink) Version 1.0, W3C Recommendation 27 June 2001, http://www.w3.org/TR/2001/REC-xlink-20010627/
5. Bruce Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” 2nd Edition, published by John Wiley & Sons.
6. R. L. Rivest, A. Shamir, and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, Feb. 1978, vol.21, pp.122-126.
7. National Institute of Standards and Technology, Data Encryption Standard, Federal Information Processing Standard, FIPS PUB 46-2, December 1993.
8. Ricardo Rosario, “Secure XML: An Overview of XML Encryption”, http://www.cs.rit.edu/~rlr6379/xml_encryption.htm.
9. Paul Brandt and Frederik Bonte, “Towards secure XML,” http://lists.w3.org/Archives/Public/xml-encryption/2000Oct/att-0016/02-Discussion_paper_sXML.doc.
10. Hiroshi Maruyama and Takeshi Imamura, “Element-wise XML Encryption,” 2000. http://www.alphaworks.ibm.com/tech/xmlsecuritysuite.
11. Doug Tidwell, “Extending XSLT to Encrypt XML on the Fly”, http://web.oreilly.com/news/xslt_0801.html.
12. M. Kudo and S. Hada, “XML Document Security based on Provisional Authorization,” ACM Conference on Computer and Communication Security (CCS 2000), Nov. 2000.
13. Extensible Stylesheet Language (XSL). W3C Recommendation. S. Adler, A. Berglund, J. Caruso, S. Deach, T. Graham, P. Grosso, E. Gutentag, A. Milowski, S. Parnell, J. Richman, S. Zilles. October 2001.
14. XSL Transforms (XSLT) Version 1.0. W3C Recommendation. J. Clark. November 1999. http://www.w3.org/TR/1999/REC-xslt-19991116.html.
15. TAIWAN-CA.COM Inc, http://www.taica.com.tw/.
16. VeriSign Secure Site, http://www.verisign.com/.
17. James Gosling, Bill Joy, and Guy Steele. The Java Language Specification (First Edition). Addison-Wesley, Reading, Massachusetts, USA, 1986.
18. Java(TM) Remote Method Invocation (RMI), http://java.sun.com/j2se/1.3/docs/guide/rmi/
19. Arnold, Wollrath, O'Sullivan, Scheifler, Waldo, “The Jini Specification,” Addison-Wesley, June 1999.
20. Common Object Request Broker Architecture (CORBA/IIOP Specification), http://www.omg.org/technology/documents/formal/corba_iiop.htm.
21. Takeshi Imamura and Hiroshi Maruyama, “Specification of Element-wise XML Encryption”, 2000. http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/att-0005/01-xmlenc-spec.html.
22. E. Simon and B. LaMacchia, “XML Encryption strawman proposal”, Aug 09 2000. http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/0001.html.
23. T. Imamura, “Another proposal of XML Encryption”, Aug 14 2000. http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/0005.html.
24. “XML Encryption WG”, http://www.w3.org/Encryption/2001/Overview.html.
25. Takeshi Imamura, Blair Dillaway, and Ed Simon, “XML Encryption Syntax and Processing”, W3C Candidate Recommendation 04 March 2002. http://www.w3.org/TR/2002/CR-xmlenc-core-20020304.
26. Mark Bartel, John Boyer, Barb Fox, Brian LaMacchia, and Ed Simon, “XML-Signature Syntax and Processing”, W3C Recommendation 12 February 2002.
27. MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies. http://www.ietf.org/rfc/rfc1521.txt.
28. Guide to the W3C XML Specification ("XMLspec") DTD, Version 2.1, http://www.w3.org/XML/1998/06/xmlspec-report-v21.htm
29. XML Schema Part 1: Structures. W3C Recommendation. D. Beech, M. Maloney, N. Mendelsohn, H. Thompson. May 2001. http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/. XML Schema Part 2: Datatypes W3C Recommendation. P. Biron, A. Malhotra. May 2001. http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/.
30. Document Object Model (DOM) Level 2 Core Specification Version 1.0, W3C Recommendation 13 November, 2000.
31. CCITT. Recommendation X.509: The Directory - Authentication Framework.
32. Cryptix JCE, http://www.cryptix.org/products/jce/index.html.
