簡易檢索 / 詳目顯示

研究生: 張道顧
Tao-Ku Chang
論文名稱: XML文件安全塑模之設計與實作
Design and Implementation of the Security Model for XML Documents
指導教授: 黃冠寰
Hwang, Gwan-Hwan
學位類別: 博士
Doctor
系所名稱: 資訊教育研究所
Graduate Institute of Information and Computer Education
論文出版年: 2006
畢業學年度: 95
語文別: 英文
論文頁數: 112
中文關鍵詞: 可擴展標示語言安全元素加密數位簽章可擴展標示語言轉換文件安全語言
英文關鍵詞: XML, Security, Element-wise Encryption, Digital Signature, XSLT, DSL
論文種類: 學術論文
相關次數: 點閱:242下載:2
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 中文摘要
    本篇論文提出XML文件安全模式的解決方案。首先我們研究單一XML文件加密與數位簽章的方式,研究成果包括發展一個加密的安全操作模式、文件安全語言-Document Security Language (DSL)、協助撰寫DSL文件的編輯器、利用XSLT配合DSL來實作加密XML文件加密程式及提供程式寫作的DSL API。我們提出的安全操作模式定義了如何對XML文件中任意資料之加密與數位簽章的程序,它提供了比現有的XML加密安全機制更為完整的解決方案,包括元素加密、元素內容加密與元素屬性加密,更加入了時間順序的數位簽章簽章模式。以這個具完整性模式為基礎,我們定義了一個新的語言,稱之為文件安全語言(DSL)來支援這個操作模式。我們已實作二種方法:第一種利用Java語言來撰寫,第二種利用XSLT的延伸自定函數功能來完成加密與解密的功能。我們也設計了一個圖形界面的DSL編輯工具來協助使用者容易地撰寫DSL文件。同時也我們設計了一個DSL API供程設計人員能夠以最少的成本且快速地將DSL的安全機制應用到現有的XML應用系統中。我們也進一步探討如果將XML文件儲存於資料庫中之擷取相關問題。我們研究XML Query雖然被廣泛應用在XML的查詢上,但在其語言描述中並無提供安全的機制。因此我們結合XQuery與DSL,提出一個sXQuery的新語言,讓XQuery查詢語言也擁有資訊加密功能。另外,XML文件經常會被加密後再儲存於檔案系統或資料庫,查詢已加密的XML文件時需要經過解密才能夠獲取資料;為了減少不必要的解密程式,我們也設計了一個自動轉換模式可以有效率地將經過加密後的XML文件從資料庫中擷取出來。

    Abstract
    In this dissertation we aim at the deisgn and implementation of the security model for XML documents. First, we propose an operational model which defines the process of encrypting data and embedding digital signatures which sign the data in an original XML docuemnt. It provides element-wise encryption that is more general than previous forms of XML security, by including element, content of element, and two types of attribute encryption. Moreover, the model of temporal-based element-wise digital signature is novel. Based on the generalized operational model, we define a new language – called document security language (DSL) – to support it. Two different implementations further demonstrate its practicability. In addition, we have developed a DSL editor and the DSL API to support the proposed operational model. The research following the XML security, we explore a little further into the XML query related issues. Although the W3C proposed the XQuery language, which is designed to be broadly applicable across all types of XML data sources, this language does not provide a security mechanism in its query expressions. We have designed a new XML query language, called the secure XML Query (sXQuery) language that is derived from XQuery and reinforced with a security mechanism; sXQuery combines the specification ability of both the XQuery language and the document security language which is designed to specify the scope and encryption details of XML. Furthermore, we address how to optimally query encrypted XML documents using XQuery, with the key point being how to eliminate redundant decryption so as to accelerate the querying. We have proposed a processing model that can automatically and appropriately translate the XQuery statements for encrypted XML documents.

    Abstract I 中文摘要 II Table of Contents III List of Tables V List of Figures VI 1 Introduction 1 2 Related Work 8 3 The Operational Model for Securing XML Documents 14 3.1 Syntax of DSL 17 3.1.1. The Key Definition Section 19 3.1.2. The Algorithm Definition Section 22 3.1.3. The Security Pattern Section 27 3.1.4. The Transformation Description Section 29 3.1.5. The Digital Signature Definition Section 37 3.2 Syntax of Encrypted XML Document and DSL Document for Decryption 42 3.2.1. The Encrypted XML Document 42 3.2.2. The DSL Document for Decryption 49 3.3 Modification of XML Schema for the Secured Document 50 3.4 The Standard DSL Algorithm Downloading and Linking Protocol 54 3.5 Implementation of DSL Securing Tool 57 3.5.1. Implementation of the DSL Securing Tool in Java 57 3.5.2. Experimental Results 59 3.6 The DSL Editor 63 4 DSL API: An Application Program Interface for Securing XML Documents 66 4.1 The Motivations of the DSL API 67 4.2 The DSL API Specification 71 4.2.1. Environment Settings 71 4.2.2. Securing and Unsecuring 72 4.2.3. Security-Rule Management 73 4.2.4. Signature Verification 74 4.2.5. The Error Handling Methods 75 4.3 A Security Wizard implemented in DSL API 76 4.4 Experimental Results 77 5 To Secure XML Documents with Extension Functions of XSLT 80 5.1 The Processing Model 80 5.2 The DSL Template for the XSLT Processor 83 5.3 Experimental Results 89 6 Conclusion 92 References 94 Appendix 100 A The BNF and Extended BNF Representations 100 B Code Examples for the Implementation of Algorithms for the DDL Protocol 101 C Example source XML document, DSL document, and the encrypted XML document 102 D Example of the XSLT Extension Function to Perform Encryption of DSL 107 E Examples of Using DSL API 108 List of Tables Table 1: The times for loading key files 59 Table 2: The times for loading algorithm objects 60 Table 3: The times required to encrypt an XML document 61 Table 4: The times required to decrypt an XML document 61 Table 5: The times required to encrypt an XML document 62 Table 6: The times required to decrypt an XML document 63 Table 7: The execution times for the execution model shown 78 Table 8: The execution times for the execution model shown 79 Table 9: The execution times for the execution model shown 79 Table 10: The times required to encrypt XML documents using extension functions of XSLT 90 Table 11: The times required to encrypt XML documents using the DSL securing tool 90 List of Figures Figure 1: Example of element-wise encryption 2 Figure 2: Illustration of the digital signature mechanism 3 Figure 3: The operational model for securing XML documents 15 Figure 4: The organization of the DSL securing tool 16 Figure 5: The architecture of a DSL document 19 Figure 6: The architecture of the encrypted and signed XML document 43 Figure 7: Modification of the schema 51 Figure 8: The Java interface GeneralSecurityInterface 55 Figure 9: The Java interface GeneralSignatureInterface 55 Figure 10: The Java interface GeneralDigestInterface 56 Figure 11: The architecture of the implemented DSL securing tool 58 Figure 12: The operation of a DSL editor 64 Figure 13: DSL editor: key definition page 64 Figure 14: DSL editor: algorithm definition page 65 Figure 15: DSL editor: security pattern definition page 65 Figure 16: DSL editor: transformation description definition page 65 Figure 17: DSL editor: digital signature definition page 65 Figure 18: Using the DSL securing tool to encrypt multiple XML documents 68 Figure 19: Using a securing application implemented in the DSL API to encrypt multiple XML documents that have the same structure produced by the same key 68 Figure 20: Using the DSL securing tool to encrypt an XML document with different keys 69 Figure 21: Using a securing application implemented in the DSL API to encrypt an XML document with different keys 69 Figure 22: Encrypting XML with DSL and encrypting XML using DSL APIs 70 Figure 23: Environment-setting methods 72 Figure 24: Securing and unsecuring 73 Figure 25: Security-rule management 74 Figure 26: Signature verification 74 Figure 27: The field members of the SignatureVerification class 75 Figure 28: Error handling 75 Figure 29: The methods of the DSLError class 75 Figure 30: Setting the pathname of the required keys, algorithms, and DSL documents 76 Figure 31: Checking the status of the loaded keys 76 Figure 32: Selecting input and output XML files 77 Figure 33: The result of the encryption 77 Figure 34: The processing model 81 Figure 35: The architecture of the XSLT style sheet 82 Figure 36: Comparison between the number of lines and bytes of the templates in DSL and XSLT Style sheet 88 Figure 37: Implementation of the Java interface GeneralSecurityInterface 102 Figure 38: Make the serialized file for the DDL protocol 102 Figure 39: Loading XML and DSL files, then encrypting the XML file 109 Figure 40: Encrypting multiple XML files with a single DSL document 110 Figure 41: Using one DSL document to encrypt multiple XML documents with different keys 110 Figure 42: Encrypting an XML node and returning an XML node 111 Figure 43: Coping with error messages 111 Figure 44: Error codes defined in the DSL API (note that the codes of all unendurable errors are prefixed with an asterisk) 112

    References
    1 T. Bray, E. Maler, J. Paoli, C. M. Sperberg-McQueen, “Extensible Markup Language (XML) 1.0 (Second Edition), W3C Recommendation,” October 2000.
    2 J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999. http://www.ietf.org/rfc/rfc2616.txt.
    3 ISO (International Organization for Standardization). ISO 8879:1986(E). Information processing -- Text and Office Systems -- Standard Generalized Markup Language (SGML). First edition -- 1986-10-15. [Geneva]: International Organization for Standardization, 1986.
    4 Bruce Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” 2nd Edition, published by John Wiley & Sons.
    5 R. L. Rivest, A. Shamir, and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, Feb. 1978, vol.21, pp.122-126.
    6 P. Kitsos, N. Sklavos, and O. Koufopavlou, “An Efficient Implementation of the Digital Signature Algorithm,” proceedings of 9th IEEE International Conference on Electronics, Circuits and Systems (ICECS'02), Croatia, 2002.
    7 National Institute of Standards and Technology, Data Encryption Standard, Federal Information Processing Standard, FIPS PUB 46-2, December 1993.
    8 Ricardo Rosario, “Secure XML: An Overview of XML Encryption,” http://www.cs.rit.edu/~rlr6379/xml_encryption.htm.
    9 Paul Brandt and Frederik Bonte, “Towards secure XML,” http://lists.w3.org/Archives/Public/xml-encryption/2000Oct/att-0016/02-Discussion_paper_sXML.doc.
    10 Hiroshi Maruyama and Takeshi Imamura, “Element-wise XML Encryption,” 2000. http://www.alphaworks.ibm.com/tech/xmlsecuritysuite.
    11 Drug Tidwell, “Extending XSLT to Encrypt XML on the Fly,” http://web.oreilly.com/news/XSLT_0801.html.
    12 “XML Encryption WG,” http://www.w3.org/Encryption/2001/Overview.html.
    13 TAIWAN-CA.COM Inc, http://www.taica.com.tw/.
    14 VeriSign Secure Site, http://www.verisign.com/.
    15 J. Clark, “XSLT Transforms (XSLT) Version 1.0. W3C Recommendation,” November 1999. http://www.w3.org/TR/1999/REC-XSLT-19991116.html.
    16 Scott Boag, Don Chamberlin, Mary F. Fernandez, Daniela Florescu, Jonathan Robie, and Jerome Simeon, “XQuery 1.0: An XML Query Language. W3C Candidate Recommendation 3 November 2005,” http://www.w3.org/TR/xquery/.
    17 Michiharu Kudo and Satoshi Hada, “XML Document Security based on Provisional Authorization,” ACM Conference on Computer and Communication Security (CCS 2000), Nov. 2000.
    18 Satoshi Hada and Michiharu Kudo, “XML access control language (XACL): Provisional Authorization for XML Doucments,” Tokyo Research Laboratory, IBM Research. http://www.trl.ibm.com/projects/xml/xacl/xacl-spec.html.
    19 Ernesto Damiani, Pierangela Samarati di Vimercati, and Stefano Paraboschi, “Controlling Access to XML Documents,” IEEE Internet Computing, Dec. 2001.
    20 Elisa Bertino, Silvana Castano, and Elena Ferrari, “On specifying Security Policies for Web Documents with an XML-based Language,” ACM SACMAT, 2001.
    21 P. Devanbu, M. Gertz, A. Kwong, C.Martel, G. Nuckolls, and S. G. Stubblebine, “Flexible Authentication of XML Documents,” ACM CCS, 2001.
    22 Nathan N. Vuong, Geoffrey S. Smith, and Yi Deng, “Managing Security Policies in a Distributed Environment Using extensible Markup Language (XML),” ACM SAC, 2001.
    23 Takeshi Imamura and Hiroshi Maruyama, “Specification of Element-wise XML Encryption,” 2000. http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/att-0005/01-xmlenc-spec.html.
    24 E. Simon and B. LaMacchia, “XML Encryption strawman proposal,” Aug 09 2000. http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/0001.html.
    25 T.i Imamura, “Another proposal of XML Encryption,” Aug 14 2000. http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/0005.html.
    26 Takeshi Imamura, Blair Dillaway, and Edi Simon, “XML Encryption Syntax and Processing,” W3C Recommendation 10 December 2002. http://www.w3.org/TR/2002/REC-xmlenc-core-20021210.
    27 Ed Simon , “Re: Attribute encryption, Schema validation, role of XSLT, scope of XML Encryption document (from XML Encryption Mailing List),” Jan 11 2001. http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0033.html.
    28 Steve Wiley, “Re: Attribute encryption (from XML Encryption Mailing List),” Jan 10 2001. http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0031.html.
    29 Steve Wiley, “Re: Attribute encryption & Blair's message (from XML Encryption Mailing List),” Jan 13 2001. http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0045.html.
    30 Philip Hallam-Baker, “Re: Attribute encryption & Blair's message (from XML Encryption Mailing List),” January 12, 2001. http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0043.html
    31 Yongge Wang, “Attribute encryption and low entropy (from XML Encryption Mailing List),” Jan 18 2001. http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0061.html

    32 David C. Fallside, “XML Schema Part 0: Primer,” W3C Recommendation, 2 May 2001. http://www.w3.org/TR/xmlschema-0/.
    33 Blair Dillaway, “Re: Attribute encryption (from XML Encryption Mailing List),” Jan 9 2001. http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0025.html
    34 S. Goldwasser and S. Micali. “Probabilistic encryption,” Journal of Computer and System Sciences, 28(2), pp. 270-299, April 1984.
    35 Joseph Reagle, “XML Encryption Requirements,” W3C Working Draft 18 October 2001. http://www.w3.org/TR/2001/WD-xml-encryption-req-20011018.
    36 Ed Simon, “XML Encryption: Issues Regarding Attribute Values and Referenced, External Data,” Jan 31 2001. http://www.w3.org/Encryption/2001/Minutes/0103-Boston/simon-attribute-encryption.html.
    37 R.G. Bartlett, M.W. Cook, “XML security using XSLT”. Proceedings of the 36th Annual Hawaii International Conference on System Sciences, 6-9 Jan. 2003, pp: 122 –127.
    38 MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies http://www.ietf.org/rfc/rfc1521.txt.
    39 James Gosling, Bill Joy, and Guy Steele. “The Java Language Specification,” First Edition, Addison-Wesley, Reading, Massachusetts, USA, 1986.
    40 Java(TM) Remote Method Invocation (RMI), http://java.sun.com/j2se/1.3/docs/guide/rmi/.
    41 Arnold, Wollrath, O'Sullivan, Scheifler, Waldo, “The Jini Specification,” Addison-Wesley, June 1999.
    42 Common Object Request Broker Architecture (CORBA/IIOP Specification), http://www.omg.org/technology/documents/formal/corba_iiop.htm.
    43 J. Clark and S. DeRose, “XML Path Language (XPath) Version 1.0. W3C Recommendation,” 16 November 1999, http://www.w3.org/TR/1999/REC-xpath-19991116.xml.
    44 Mark Bartel, John Boyer, Barb Fox, Brian LaMacchia, and Ed Simon, “XML-Signature Syntax and Processing W3C Recommendation,” 12 February 2002.
    45 Kelvin Lawrence, Chris Kaler, Anthony Nadalin, Martin Gudgin, Abbie Barbir, and Hans Granqvist, “WS-SecurityPolicy v1.0,” http://www.oasis-open.org/committees/download.php/15979/oasis-wssx-ws-securitypolicy-1.0.pdf, 2005.
    46 Sun Microsystem, “The Source for Java(TM) Technology,” http://java.sun.com, 2002.
    47 The alphaWorks, “XML Parser for Java,” November 25, 2002, http://www.alphaworks.ibm.com/tech/xml4j.
    48 J. Clark, “XSLT Transforms (XSLT) Version 1.0. W3C Recommendation,” November 1999. http://www.w3.org/TR/1999/REC-XSLT-19991116.html.
    49 The Apache Software Foundation, “Xalan-Java,” 2002. http://xml.apache.org/xalan-j/.
    50 Gwan-Hwan Hwang and Tao-Ku Chang, “The Document Security Language (DSL) V2.0”, http://www.xml-dsl.com/DSL_Syntax_v2.pdf.
    51 Tao-Ku Chang and Gwan-Hwan Hwang, “Using the Extension Function of XSLT and DSL to Secure XML Documents,” International Conference on Advanced Information Networking and Applications (AINA 2004), Fukuoka, Japan.
    52 Gwan-Hwan Hwang and Tao-Ku Chang, “The DSL Editor”, http://www.xml-dsl.com/DSL_editor_detail.htm.
    53 “XML Security Suite,” http://www.alphaworks.ibm.com/tech/xmlsecuritysuite.
    54 “Phaos Liberty Toolkit,” http://www.phaos.com.
    55 Tim Moses, “eXtensible Access Control Markup Language (XACML) Version 2.0,” Committee draft 04, 6 Dec 2004. http://docs.oasis-open.org/xacml/access_control-xacml-2_0-core-spec-cd-04.pdf.
    56 Project: XQEngine - XML Query Engine, http://xqengine.sourceforge.net/.
    57 Project: XQuench - XML Query Engine, http://xquench.sourceforge.net/.
    58 Xavier C. Franc's Qizx/Open: http://www.xfra.net/qizxopen.
    59 Galax. Available from: http://www.galaxquery.org.
    60 Qexo. The GNU Kawa implementation of XQuery. Available from: http://www.gnu.org/software/qexo/.
    61 Saxon. http://www.saxonica.com/.
    62 Int’l Organization for Standardization, Information Technology- Database Language-SQL-Part 1: Framework (SQL/Framework), ISO/IEC 9075-1: 1999 and Information Technology- Database Language-SQL-Part 2: Foundation (SQL/Foundation), ISO/IEC 9075-2: 1999, http://www.iso.org, 1999..
    63 Charles N. Fischer and Richard J. LeBlanc, Jr. “Crafting A Compiler with C,” The Benjamin/Cummings Publishing Company, Inc., 1991.

    下載圖示
    QR CODE