8 research outputs found
XML data integrity based on concatenated hash function
Data integrity is the fundamental for data authentication. A major problem for XML data authentication is that signed XML data can be copied to another document but still keep signature valid. This is caused by XML data integrity protecting. Through investigation, the paper discovered that besides data content integrity, XML data integrity should also protect element location information, and context referential integrity under fine-grained security situation. The aim of this paper is to propose a model for XML data integrity considering XML data features. The paper presents an XML data integrity model named as CSR (content integrity, structure integrity, context referential integrity) based on a concatenated hash function. XML data content integrity is ensured using an iterative hash process, structure integrity is protected by hashing an absolute path string from root node, and context referential integrity is ensured by protecting context-related elements. Presented XML data integrity model can satisfy integrity requirements under situation of fine-grained security, and compatible with XML signature. Through evaluation, the integrity model presented has a higher efficiency on digest value-generation than the Merkle hash tree-based integrity model for XML data
Secure Software Development: Issues and Challenges
In recent years, technology has advanced considerably with the introduction
of many systems including advanced robotics, big data analytics, cloud
computing, machine learning and many more. The opportunities to exploit the yet
to come security that comes with these systems are going toe to toe with new
releases of security protocols to combat this exploitation to provide a secure
system. The digitization of our lives proves to solve our human problems as
well as improve quality of life but because it is digitalized, information and
technology could be misused for other malicious gains. Hackers aim to steal the
data of innocent people to use it for other causes such as identity fraud,
scams and many more. This issue can be corrected during the software
development life cycle, integrating security across the development phases, and
testing of the software is done early to reduce the number of vulnerabilities
that might or might not heavily impact an organisation depending on the range
of the attack. The goal of a secured system software is to prevent such
exploitations from ever happening by conducting a system life cycle where
through planning and testing is done to maximise security while maintaining
functionality of the system. In this paper, we are going to discuss the recent
trends in security for system development as well as our predictions and
suggestions to improve the current security practices in this industry.Comment: 20 Pages, 4 Figure
Enhanced Version Control for Unconventional Applications
The Extensible Markup Language (XML) is widely used to store, retrieve, and share digital documents. Recently, a form of Version Control System has been applied to the language, resulting in Version-Aware XML allowing for enhanced portability and scalability. While Version Control Systems are able to keep track of changes made to documents, we think that there is untapped potential in the technology. In this dissertation, we present novel ways of using Version Control System to enhance the security and performance of existing applications. We present a framework to maintain integrity in offline XML documents and provide non-repudiation security features that are independent of central certificate repositories. In addition, we use Version Control information to enhance the performance of Automated Policy Enforcement eXchange framework (APEX), an existing document security framework developed by Hewlett-Packard (HP) Labs.
Finally, we present an interactive and scalable visualization framework to represent Version-Aware-related data that helps users visualize and understand version control data, delete specific revisions of a document, and access a comprehensive overview of the entire versioning history
XML security in XML data integrity, authentication, and confidentiality
The widely application of XML has increasingly required high security. XML security confronts some challenges that are strong relating to its features. XML data integrity needs to protect element location information and contextreferential meaning as well as data content integrity under fine-grained security situations. XML data authentication must satisfy a signing process under a dependent and independent multi-signature generation scenario. When several different sections are encrypted within the XML data, it cannot query the encrypted contents without decrypting the encrypted portions. The technologies relating to XML security demand further development. This thesis aims to improve XML security relative technologies, and make them more practicable and secure. A novel revocation information validation approach for X.509 certificate is proposed based on the XML digital signature technology. This approach reduces the complexity of XKMS or PKI systems because it eliminates the requirement for additional revocation checking from XKMS or CA. The communication burden between server and client could be alleviated. The thesis presents the context-referential integrity for XML data. An integrity solution for XML data is also proposed based on the concatenated hash function. The integrity model proposed not only ensures XML data content integrity, but also protects the structure integrity and elements’ context relationship within an XML data. If this model is integrated into XML signature technology, the signature cannot be copied to another document still keeping valid. A new series-parallel XML multi-signature scheme is proposed. The presented scheme is a mixed order specified XML multi-signature scheme according to a dependent and independent signing process. Using presented XML data integrity-checking pool to provide integrity-checking for decomposed XML data, it makes signing XPath expression practicable, rather than signing XML data itself. A new labeling scheme for encrypted XML data is presented to improve the efficiency of index information maintenance which is applied to support encrypted XML data query processing. The proposed labelling scheme makes maintenance index information more efficient, and it is easy to update XML data with decreasing the number of affected nodes to the lowest. In order to protect structural information for encrypted XML data, the encrypted nodes are removed from original XML data, and structural information is hidden. A case study is carried out to demonstrate how the proposed XML security relative approaches and schemes can be applied to satisfy fine-grained XML security in calibration certificate management.EThOS - Electronic Theses Online ServiceGBUnited Kingdo
Recommended from our members
Analysis of Information Security Risks and Protection Management Requirements for Enterprise Networks.
With widespread of harmful attacks against enterprisesÂż electronic services, information security readiness of these enterprises is becoming of increasing importance for establishing the required safe environment for such services. Various approaches are proposed to manage enterprise information security risks and to assess its information security readiness. These approaches are, however, not adequate to manage information security risks, as all required information security components of its structural and procedural dimensions have not considered. In addition, current assessment approaches lack numerical indicators in assessing enterprise information security readiness. Furthermore, there is no standard approach for analysing cost versus benefit in selecting recommended protection measures.
This thesis aims at contributing to the knowledge by developing comprehensive Enterprise Information Security Risk Management (EISRM) framework that integrates typical approaches for information security risk management, and incorporates main components of key risk management methodologies. In addition, for supporting phases of the proposed EISRM framework, analytical models for enterprise information security readiness assessment and cost-benefit analysis are developed.
The practical evaluation, using the proposed enterprise information security readiness assessment model has been performed depending on a developed investigation form that used to investigate nine enterprises inside Saudi Arabia. The results demonstrate the effectiveness of the model in assessing and comparing enterprises information security readiness at all levels of the model, using numerical indicators and graphical representations. The EISRM framework and the analytical models presented in this research can be used by enterprises as single point of reference for assessing and cost effectively improving their information security readiness
XML Security — A Comparative Literature Review
Since the turn of the millenium, Working Groups of the W3C have been concentrating on the development of XML based security standards, which are paraphrased as XML Security. XML Security consists of three recommendations: XML (Digital) Signature, XML Encryption and XML Key Management Specification (XKMS), all of them published by the W3C. By means of a review of the available literature the authors draw several conclusions about the status quo of XML Security. Furthermore the current state and focuses of research as well as the existing challenges are derived. Trends to different application areas- e.g. use of XML Security for Mobile Computing- are also outlined. Based on this information the analyzed results are discussed and a future outlook is predicted