XML data integrity based on concatenated hash function

Data integrity is the fundamental for data authentication. A major problem for XML data authentication is that signed XML data can be copied to another document but still keep signature valid. This is caused by XML data integrity protecting. Through investigation, the paper discovered that besides data content integrity, XML data integrity should also protect element location information, and context referential integrity under fine-grained security situation. The aim of this paper is to propose a model for XML data integrity considering XML data features. The paper presents an XML data integrity model named as CSR (content integrity, structure integrity, context referential integrity) based on a concatenated hash function. XML data content integrity is ensured using an iterative hash process, structure integrity is protected by hashing an absolute path string from root node, and context referential integrity is ensured by protecting context-related elements. Presented XML data integrity model can satisfy integrity requirements under situation of fine-grained security, and compatible with XML signature. Through evaluation, the integrity model presented has a higher efficiency on digest value-generation than the Merkle hash tree-based integrity model for XML data

Estratégias para Utilização das Tecnologias do Google Code no Gerenciamento Ágil de Projeto

Project management (PM) of innovation products is characterized by uncertainty and collaborationbetween different teams. There are discussions about the utilization of current PM software and apossible solution is to explore de concept of Cloud Computing. For exemple are GoogleSpreadsheet e Google Calendar. The theme is investigated with strategies evaluation dates ofprogramming project, between an application in JAVA developing by researches and Googleapplication using the Google Codes API´s. The article describes the applications Google Gadgets,Google Spreadsheet, Google Calendar and Google Apps Script, indentifying the possible strategiesfor integration with a PM solution. The results are proven to developing prototype and discussionabout the news features for future application. The article illustrates and compares the Googletechnologies describing the potential for a development a agile project management application.The final results show that the best strategies would be to use Google Calendar interaction with aPM tool and indicates future research to create a complete solution based on the theme.O gerenciamento de projetos (GP) de produtos inovadores é caracterizado por incertezas e colaboração entre diferentes equipes. Há críticas sobre a adequação dos softwares atuais de GP e uma solução possível é explorar o conceito de Cloud Computing. Um exemplo são os aplicativos Google Spreadsheet e Google Calendar. O tema é investigado com a avaliação de estratégias de integração de dados de programação de projeto, entre um aplicativo especialmente desenvolvido pelos pesquisadores, programado em JAVA, e os aplicativos do Google, com o uso de APIs do Google Code. O artigo descreve os recursos dos aplicativos Google Gadget, Google Spreadsheet, Google Apps Script e Google Calendar, identifica possíveis estratégias de integração para uma solução de GP, descreve os resultados de um protótipo realizado e discute potenciais futuros para a aplicação. Ilustra e compara essas tecnologias e descreve o potencial para a criação de soluções de um aplicativo de gerenciamento ágil de projetos. Como resultado final, mostra a melhor estratégia que seria a utilização do Google Calendar em interação com uma ferramenta de GP, e indica pesquisas futuras para a criação de uma solução completa baseada no tema.DOI:10.5585/gep.v2i1.3

XML security in XML data integrity, authentication, and confidentiality

The widely application of XML has increasingly required high security. XML security confronts some challenges that are strong relating to its features. XML data integrity needs to protect element location information and contextreferential meaning as well as data content integrity under fine-grained security situations. XML data authentication must satisfy a signing process under a dependent and independent multi-signature generation scenario. When several different sections are encrypted within the XML data, it cannot query the encrypted contents without decrypting the encrypted portions. The technologies relating to XML security demand further development. This thesis aims to improve XML security relative technologies, and make them more practicable and secure. A novel revocation information validation approach for X.509 certificate is proposed based on the XML digital signature technology. This approach reduces the complexity of XKMS or PKI systems because it eliminates the requirement for additional revocation checking from XKMS or CA. The communication burden between server and client could be alleviated. The thesis presents the context-referential integrity for XML data. An integrity solution for XML data is also proposed based on the concatenated hash function. The integrity model proposed not only ensures XML data content integrity, but also protects the structure integrity and elements’ context relationship within an XML data. If this model is integrated into XML signature technology, the signature cannot be copied to another document still keeping valid. A new series-parallel XML multi-signature scheme is proposed. The presented scheme is a mixed order specified XML multi-signature scheme according to a dependent and independent signing process. Using presented XML data integrity-checking pool to provide integrity-checking for decomposed XML data, it makes signing XPath expression practicable, rather than signing XML data itself. A new labeling scheme for encrypted XML data is presented to improve the efficiency of index information maintenance which is applied to support encrypted XML data query processing. The proposed labelling scheme makes maintenance index information more efficient, and it is easy to update XML data with decreasing the number of affected nodes to the lowest. In order to protect structural information for encrypted XML data, the encrypted nodes are removed from original XML data, and structural information is hidden. A case study is carried out to demonstrate how the proposed XML security relative approaches and schemes can be applied to satisfy fine-grained XML security in calibration certificate management.EThOS - Electronic Theses Online ServiceGBUnited Kingdo