Article
Getting Started with XML Security
XML
The XML specification [ XML ] defines a syntax and rules for using tags to structure information. Anyone can define a vocabulary of element tags and attributes to structure information of interest. By following the rules defined in the XML specification, they may create "well-formed" XML, XML that may be processed by common XML tools. They may also explicitly define the structure of the documents they have defined, by creating an XML Schema or Document Type Definition (DTD). This allows documents to be validated.
XML languages created by different people may be combined. If you define a language for expressing addresses, for example, and I define one for purchase orders, I may reuse your address language within my purchase order language. To associate elements with the appropriate schemas and to avoid conflicting elements, XML namespaces may be used. XML namespaces associate tags with unique identifiers (URIs) and may be used to avoid ambiguity [ Namespaces ]. A well-formed XML document may be processed using general XML-aware tools, including parsers that understand the general rules of XML syntax and processing. An advantage is that use of these tools does not depend on the specific vocabulary defined in a particular document. This means that once general tools have been created they may be used for many applications of XML. This allows reuse of tools and training, another advantage of XML.
Many XML languages have already been defined, including XHTML for creating web pages, DocBook for creating technical documentation, RSS for content distribution (syndication), RDF for representing information, MathML for mathematics markup, BRML for business reports, and many others.
The following example shows a language for managing office medical records, including XML elements like <PatientRecord>, <Name> and <Diagnosis>. It also shows the use of an XML Namespace associated with a lab, to allow a <lab:Diagnosis> element that does not conflict with the office <Diagnosis> element.
<PatientRecord
    xmlns="http://www.medical.org/"
    xmlns:lab="http://www.lab.org/">
  <Name>John Doe</Name>
  <Account>123456</Account>
  <Visit date="10pm March 10, 2002">
    <Diagnosis>Broken second metacarpal</Diagnosis>
    <lab:Diagnosis>
      <lab:Xray>encoded xray image</lab:Xray>
    </lab:Diagnosis>
  </Visit>
</PatientRecord>
Example 1 - Sample XML Document With XML Namespaces
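To make the namespace point concrete, here is an added example (not code from the article) that parses a copy of Example 1 with the Python 3 standard library: the office <Diagnosis> and the lab's <lab:Diagnosis> share a local name but resolve to different namespace URIs, so a namespace-aware parser keeps them apart, and the well-formedness check shows what a parser rejects without any schema or DTD. SAMPLE, split_clark, diagnoses_by_namespace and is_well_formed are names chosen for this example.

```python
# Added example (not from the article): namespace-aware parsing of Example 1
# with the Python 3 standard library only. SAMPLE is a constructed copy of the
# article's document, not a real patient record.
import xml.etree.ElementTree as ET

SAMPLE = """<PatientRecord
  xmlns="http://www.medical.org/"
  xmlns:lab="http://www.lab.org/">
  <Name>John Doe</Name>
  <Account>123456</Account>
  <Visit date="10pm March 10, 2002">
    <Diagnosis>Broken second metacarpal</Diagnosis>
    <lab:Diagnosis>
      <lab:Xray>encoded xray image</lab:Xray>
    </lab:Diagnosis>
  </Visit>
</PatientRecord>"""

OFFICE_NS = "http://www.medical.org/"  # default namespace (xmlns=...)
LAB_NS = "http://www.lab.org/"         # prefixed namespace (xmlns:lab=...)


def split_clark(tag):
    """ElementTree reports namespaced tags in Clark notation, '{uri}local'.
    Return (namespace_uri, local_name); an un-namespaced tag gets uri ''."""
    if tag.startswith("{"):
        uri, local = tag[1:].split("}", 1)
        return uri, local
    return "", tag


def diagnoses_by_namespace(xml_text):
    """Map the namespace URI of every Diagnosis element to its text content.
    Matching on the bare string 'Diagnosis' would conflate the office and lab
    elements; keying on the namespace URI keeps them distinct."""
    found = {}
    for elem in ET.fromstring(xml_text).iter():
        ns, local = split_clark(elem.tag)
        if local == "Diagnosis":
            found[ns] = "".join(elem.itertext()).strip()
    return found


def is_well_formed(xml_text):
    """Well-formedness only (XML syntax rules), not validation against a schema or DTD."""
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False
```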
Security
Security is vital to online business. Technologies designed to meet security requirements have evolved, but the requirements have remained relatively constant. These requirements include Authentication, Authorization, Integrity, Signature, Confidentiality, Privacy and Digital Rights Management and are briefly summarized below:
Authentication - Who is it?
Determine the identity or role of a party attempting to perform some action such as accessing a resource or participating in a transaction. A role may be appropriate to many parties, for example "Human Resources Person".
Authorization - What can they do?
Determine whether some party is allowed to perform a requested action, such as viewing a web page, changing a password, or committing an organization to a 10 million dollar transaction.
Integrity - Ensure that information is intact
Ensure that information is not changed, either due to malicious intent or by accident. This may be information transmitted over a network, such as from a web browser to a web server, information stored in a database or file system, or information passed in a web services message and processed by intermediaries, to give a few examples.
Signature - Create and verify electronic signatures analogous to handwritten signatures
Produce or verify an electronic signature intended to be the equivalent of a handwritten signature. Such a signature may be used for different purposes such as approval, confirmation of receipt, acceptance or agreement.
Confidentiality - Make content unreadable by unauthorized parties
Ensure that content may only be viewed by legitimate parties, even if other access control mechanisms are bypassed. Confidentiality is generally associated with encryption technologies, although other approaches such as steganography (information hiding) might serve a similar purpose.
Privacy - Limit access and use of individually identifiable information
Personally identifiable information is required by individuals and companies in order to perform services for the individual. An example is a Doctor's office that requires medical records to track a patient's health. Privacy relates to control over what is done with this information and whether it is redistributed to others without the individual's knowledge or consent. Privacy may be managed by a combination of technical and legal means. Confidentiality technology may be used to protect privacy, but cannot prevent inappropriate sharing of information.
Digital Rights Management - Limit use and sharing of content according to license agreements
Ensure that content is used according to license agreements. Generally access rules are incorporated with the content, and enforcement controls are integrated with the clients needed to use the content.
Traditionally, security technologies have required applications to be security or Public Key Infrastructure (PKI) "enabled". This often involves integrating specialized security code with the application in order to meet security requirements, which makes customization slow, cumbersome and inflexible. An alternative is to create generic XML tools and generic XML Security and then allow them to be used with a variety of XML applications. This allows generic XML Security filters to be applied to arbitrary content without requiring extensive customization for each application, reducing costs and delay.