Application In Shared-data Exchange Based On XML Security Technology

XML is widely used in various industries because of its characteristics such as structural form, high interoperability, exchangibility, extensibility and so on. With the general use of XML, the security of XML datas has become more and more important such as the confidentiality of XML data, its intergrity, authenticity and non-repudiation and so on. This thesis has studied the following issues based on the above problem.Firstly, the thesis analyzes the characteristics of XML technology, the reasons that XML-security issues are put forward and the research situation of XML security technology at home and abroad. It also introduces the encryption technology and digital signature technology in the cryptology. The thesis again analyzes the specifications of XML, the features of XML application, principles of parsing XML and XML security technology.Secondly, the thesis develops a kind of universal safe exchange scheme for XML data. This scheme mainly uses the technology of XML signature, XML encryption and XKMS and can realize the secure exchange of XML datas to a certain extent. The proposed scheme has guaranteed the safety transmission of data from the perspective of the safety of public key, the safety of private key and of data. To make sure of the safety of the public key, the scheme integrates the private key management criterion with the existed PKI technology, with the XKMS abstracting the complexity of the managing client application program to the trustful third party, thus making it much easier to manage the PKI. The public key encryprion algorithm is applied for the safety management of private key, and it is of high safety to exchange private key using the DiffieHellman algorithm. The RSA algorithm is applied for the XML digital signature, which is a pretty safe asymetric encryption algorithm. The AES algorithm is applied to encrypt XML, which belongs to the symmetric encryption algorithm. The AES algorithm has better executive performance as compared with the 3DES algoritm. Lastly, based on the safe scheme of XML data exchange, the thesis develops a component for safe exchange of data within enterprises using the technology of XML and XML encryption, after fully analyzing the related theory of XML security technology.