Secure XML: The New Syntax for Signatures and Encryption
By Donald E. Eastlake, Kitty Niles
Publisher : Addison Wesley
Pub Date : July 19, 2002
ISBN : 0-201-75605-6
Pages : 560

Extensible Markup Language (XML) is the environment of choice for creating many of today's technologically sophisticated and security-sensitive Web applications. With Secure XML, developers now have the hands-on guide they need to combine a strong foundation in XML with proven, practical techniques for enabling the secure transmission of data across the Web.

Broad-based and comprehensive, Secure XML fully documents every feature and issue involved with XML security. Opening with a complete introduction to XML, the book then provides detailed coverage of authentication, canonicalization, keying, encryption, algorithms, and more. Notes, background information, guidelines, and "soapbox," or heretical comments, expand on the book's practical focus throughout. In all, this book features the most comprehensive roadmap to digital security and XML encryption available.

Topics covered in-depth include:

  • XML basics—documents, namespaces, structures, DTDs and schemas, and stylesheets

  • XPath, XPointer, and SOAP

  • Digital cryptography basics—secret and public key ciphers, asymmetric keys, digital signatures, and certificates

  • XML canonicalization, signatures, and authentication

  • XML encryption

  • Key management and combining encryption with signatures

  • Cryptographic algorithms and noncryptographic algorithms

Detailed and practical, this book provides reliable solutions for securing XML and for safeguarding information flow across today's sophisticated Web.

Table of Contents
    Part I.  Introduction
      Chapter 1.  XML and Security
      Section 1.1.  XML
      Section 1.2.  The Need for Secure XML
      Section 1.3.  Status of XML Security Standardization
      Section 1.4.  Work in Progress
      Chapter 2.  Digital Cryptography Basics
      Section 2.1.  Message Digests
      Section 2.2.  Message Authentication Codes
      Section 2.3.  Secret or Symmetric Key Ciphers
      Section 2.4.  Public or Asymmetric Key Ciphers
      Section 2.5.  Asymmetric Keys and Authentication
      Section 2.6.  Digital Signatures
      Section 2.7.  Certificates
      Section 2.8.  Enveloped Encryption
      Section 2.9.  Canonicalization
      Section 2.10.  Randomness
      Section 2.11.  Other Facets of Security
      Section 2.12.  Cryptography: A Subtle Art
    Part II.  XML Basics
      Chapter 3.  The Extensible Markup Language
      Section 3.1.  Related Standards and Recommendations
      Section 3.2.  XML Documents
      Section 3.3.  XML Document Structure
      Section 3.4.  XML Document Logical Structure
      Section 3.5.  XML Namespaces
      Section 3.6.  XML Document Physical Structure
      Section 3.7.  XML and Stylesheets
      Chapter 4.  XML Document Type Definitions
      Section 4.1.  Introduction to DTDs
      Section 4.2.  Document Type Declarations
      Section 4.3.  Element Type Declarations
      Section 4.4.  Defining Attributes in DTDs
      Section 4.5.  Entity Reference Declarations
      Section 4.6.  Notation Declarations
      Chapter 5.  XML Schema
      Section 5.1.  Overview
      Section 5.2.  Types
      Section 5.3.  Elements and Attributes
      Section 5.4.  Namespaces
      Section 5.5.  Miscellaneous Aspects of Schemas
      Section 5.6.  Parts Not Covered
      Chapter 6.  XPath: A Basic Building Block
      Section 6.1.  Introduction to XPath
      Section 6.2.  Data Model
      Section 6.3.  Location Paths
      Section 6.4.  Expressions
      Section 6.5.  Function Library
      Chapter 7.  URIs, xml:base, and XPointer
      Section 7.1.  URIs
      Section 7.2.  xml:base
      Section 7.3.  XPointer
      Chapter 8.  SOAP
      Section 8.1.  Introduction to SOAP
      Section 8.2.  SOAP Envelope, Message Exchange, and Processing Model
      Section 8.3.  SOAP Encoding
      Section 8.4.  SOAP Transport Binding and HTTP
      Section 8.5.  SOAP Remote Procedure Call
    Part III.  Canonicalization and Authentication
      Chapter 9.  XML Canonicalization: The Key to Robustness
      Section 9.1.  Canonicalization—Essential for Signatures Over XML
      Section 9.2.  Canonical XML and XML Encryption
      Section 9.3.  Transformative Summary
      Section 9.4.  The XML Canonicalization Data Model
      Section 9.5.  Formal Generative Specification
      Section 9.6.  Limitations of XML Canonicalization
      Chapter 10.  XML Signatures and Authentication
      Section 10.1.  Introduction to XML Digital Signatures
      Section 10.2.  XML Signature Syntax
      Section 10.3.  XML Signature Examples
      Section 10.4.  Transforms and the Use of XPath
      Section 10.5.  Processing Rules
      Section 10.6.  Security of Signatures
      Chapter 11.  Profiling XMLDSIG for Applications
      Section 11.1.  P3P XMLDSIG
      Section 11.2.  SOAP XMLDSIG
      Chapter 12.  ETSI "Advanced" XML Signatures
      Section 12.1.  Levels of XAdES Signature
      Section 12.2.  XAdES Signature Syntax Basics
      Section 12.3.  XAdES Signature Elements Syntax
      Section 12.4.  Validation Data Syntax
    Part IV.  Keying
      Chapter 13.  The KeyInfo Element
      KeyInfo Element Syntax
      KeyInfo Child Elements
      Private Keys
      Section 13.1.  The KeyValue Element
      Section 13.2.  The EncryptedKey Element
      Section 13.3.  The RetrievalMethod Element
      Section 13.4.  The AgreementMethod Element
      Section 13.5.  The KeyName Element
      Section 13.6.  The X509Data Element
      Section 13.7.  The PGPData Element
      Section 13.8.  The SPKIData Element
      Section 13.9.  The MgmtData Element
      Chapter 14.  XKMS: XML Key Management
      Section 14.1.  The Key Information Service
      Section 14.2.  XKMS Common Data Elements
      Section 14.3.  The Key Registration Service
      Section 14.4.  XKMS Cryptographic Algorithms
      Section 14.5.  Security Considerations
    Part V.  Encryption
      Chapter 15.  XML Encryption
      Section 15.1.  Introduction to XML Encryption
      Section 15.2.  XML Encryption Syntax
      Section 15.3.  Encryption Examples
      Section 15.4.  Processing Flow
      Section 15.5.  Encryption Security Considerations
      Chapter 16.  Combining Encryption and Signature
      Section 16.1.  General Considerations
      Section 16.2.  The Decryption Transform
    Part VI.  Algorithms
      Chapter 17.  Overview of Algorithms
      Section 17.1.  Algorithm Syntax
      Section 17.2.  Algorithmic Roles
      Chapter 18.  Cryptographic Algorithms
      Section 18.1.  Message Digests
      Section 18.2.  Key Agreement Algorithms
      Section 18.3.  Message Authentication Codes
      Section 18.4.  Signature Algorithms
      Section 18.5.  Block Encryption Algorithms
      Section 18.6.  Stream Encryption Algorithms
      Section 18.7.  Key Transport Algorithms
      Section 18.8.  Symmetric Key Wrap Algorithms
      Chapter 19.  Non-cryptographic Algorithms
      Section 19.1.  Canonicalization Algorithms
      Section 19.2.  Transformation Algorithms
    Part VII.  Appendixes
      Appendix A.  XML Security Implementations
      Section A.1.  Apache
      Section A.2.  Baltimore Technologies
      Section A.3.  Capslock
      Section A.4.  Done Information
      Section A.5.  DSTC
      Section A.6.  Entrust
      Section A.7.  Fujitsu
      Section A.8.  GapXse
      Section A.9.  HP Web Services
      Section A.10.  IAIK
      Section A.11.  IBM
      Section A.12.  Infomosaic
      Section A.13.  JDSS II
      Section A.14.  Mather
      Section A.15.  Microsoft
      Section A.16.  NEC
      Section A.17.  Phaos Technology
      Section A.18.  Poupou
      Section A.19.  RSA Security
      Section A.20.  Siggen
      Section A.21.  Verisign
      Section A.22.  W3C
      Section A.23.  WebSig
      Section A.24.  Wedgetail
      Section A.25.  XML Sec
      Appendix B.  The W3C and W3C Documents
      Section B.1.  Access to W3C Documents
      Section B.2.  W3C Document Status
      Section B.3.  W3C Document Format
      Section B.4.  W3C Document Disclaimer
      Section B.5.  W3C Software Disclaimer
      Appendix C.  The IETF and IETF Documents
      Section C.1.  RFC Status
      Section C.2.  Access to RFCs
      Section C.3.  RFC Format
      Appendix D.  The NIST and NIST Documents
      Section D.1.  Access to NIST FIPS Documents
      Section D.2.  Status of NIST Documents
      Section D.3.  Format of FIPS
      Appendix E.  The Paper and Protocol Points of View
      Section E.1.  The Basic Points of View
      Section E.2.  Questions of Meaning
      Section E.3.  Processing Models
      Section E.4.  Security and Canonicalization
      Section E.5.  Unique Internal Labels
      Section E.6.  Examples
      Section E.7.  Resolution of the Points of View
      Appendix F.  SOAP Encoding Schema
      References and Acronyms