Security Overview

Before we examine the issues related to XML security, it's important to understand the basics of e-commercebased security so we can take note of the special issues introduced by XML. Figure 7.1 illustrates the three basic security requirements for e-business:

• Confidentiality: Ensuring that information is not made available or disclosed to unauthorized individuals, entities, or pro cesses. Some one eavesdropping on a conversation or tapping into a data stream should not be able to understand the communication.

• Authentication: The ability to determine that a message really comes from the listed sender. Closely associated with authentication is nonrepudiation: preventing the originator of a document or communication from denying having sent it. For a business transaction to be valid, neither party should later be able to deny participation.

• Data integrity: Ensuring that when information arrives at its destination it hasn't been tampered with or altered in transit from its original form, either accidentally or deliberately.

These three dimensions of secure e-commerce rest on a foundation of cryptography. All cryptography operates according to the same basic principle: some algorithm or formula is used to scramble or encipher information so that it is difficult to determine its meaning without an appropriate key to unscramble or decipher the information. Approaches to cryptography fall into two main categories: single-key encryption, which relies on a single secret key to encode and decode information, and public-key cryptography, which uses two keys, one private and the other public, to encode and decode data.

Single-Key Cryptography

In the past, most encryption systems used a single secret key for encoding and decoding information. However, single-key encryption systems face the problem of making the single key known to the message recipient. During World War II, a similar but more sophisticated scheme was used when letter sequences from pages in popular novels were used as the basis for encrypting messages. However, schemes employing a single key exhibit one fundamental weakness: the decoding key must be somehow communicated from sender to receiver.

Whether one uses a letter-offset technique such as replacing "a" with "b," "b" with "c," and so on, or a state-of-the-art 1024-bit encryption key to mathematically compute a substitute letter, there is still the problem of making the key known to the message recipient.

In electronic commerce, single-key systems are effective for secure communication between fixed devices such as ATM machines and servers, since encryption keys can be determined in advance and stored on both the server and the ATM machine. However, single keys don't work well on the Web, where commerce depends on individuals just showing up to do business. For the Web, the answer lies in public-key cryptography.

Public-Key Cryptography

Public-key cryptography enables secure communication between parties without the need to exchange a secret key . It is the basis for privacy, authentication, data integrity, and nonrepudiation, the basic elements for any Web-based e-commerce system. Public-key cryptography uses a complex mathematical formula to generate two separate but related keys, one open to public view and the other private, known only to one individual. The complementary public and private keys can be used to handle confidentiality and authentication. Each requires key usage in a slightly different way.

Confidentiality

Confidentiality in digital communication can be accomplished by using someone's public key to send a message. As Figure 7.2 shows, messages encoded with a public key can be decoded only by the corresponding private key, ensuring that the message is kept confidential. The owner of the private key never has to reveal that key to anyone .

Authentication

Keeping messages secret is only one aspect of electronic communication. Although a public key guarantees secrecy , it is impossible to authenticate the sender of the message encoded with a public key. However, messages encoded with the private key can be decoded only by the public key, thereby ensuring authentication.

Data Integrity

Data integrity ensures that the message received is the message sent. The technology for validating messages is called digital hashing. A digest or digital hash is an algorithmically generated short string of characters that uniquely characterizes a document. As Figure 7.3 shows, if the document changes in any way, recomputing the digest will yield a different result; if the document is copied verbatim, the digest will be exactly the same. Thus, to test the integrity of a document, one compares the digital hash of the original document with that of the version received; if the hashes do not match, the data integrity of the document has been compromised. Although it's theoretically possible for two different documents to generate the same digital hash, it's practically impossible to use this fact to defeat the comparison procedure.

Digital Signatures

A digital signature is like writing your name across the face of a document. A digital signature in combination with public-key encryption is used to authenticate the identity of the sender by encrypting with a private key and to validate the content of the message by transmitting a copy of the digital hash of the message.

Digital signatures can be used in a range of applications from online credit card purchases to the verification of complex legal documents. For example, if you send your will electronically to your attorney in another city, you want the assurance that someone can't intercept it along the way and make changes to it; you want a guarantee that the document that goes into your attorney's file is identical to the one you actually sent, and you want your attorney to have the assurance that the will actually came from you. To accomplish this, you must

1. Write the will

2. Create a digital hash of the will

3. Encrypt both the original will and the digital hash with your private key

4. Send the encrypted document to your attorney

Upon receiving the will, your attorney will

1. Decode the document with your public key, thereby guaranteeing that the will was actually sent by you

2. Compute a digital hash of the document received

3. Compare the resultant digital hash with the hash contained in the message

If the hashes match, the will can safely be recorded; if the hashes do not match, the will has been tampered with.

Managing Certificates and Private Keys

While digital signing is an important technology for ensuring secure e-commerce, keeping certificates and private keys secure remains one of the biggest security challenges. Unlike short passwords, which are usually easy to memorize, private- and public-key pairs are very difficult to memorize because they are mathematically generated. Certificate authorities address the problem of how to be sure that, when your lawyer retrieves your public key, it's really your public key and not someone else's. Certificates are issued by a CA, a trusted entity that manages certificate distribution. If each party in a transaction has a certificate issued from a trusted CA, the transaction can be completed.

Once a CA is chosen , certificates from companies signed by that authority are trusted. However, trusting a CA is a matter of choice. Netscape Navigator and Microsoft Internet Explorer come with a list of certificates for some trusted CAs (like Verisign and Entrust). Current versions of both browsers let you manage that list, adding certificates for CAs you trust and removing those you choose not to trust.

When issued, a certificate is given a set life span, for example, 365 days. When it expires, a new certificate must be issued. However, the question of certificate revocation must also be addressed. There are many reasons why a certificate might need to be revoked long before it expires . For example, an e-commerce site may close down, in which case the certificate should be revoked so that it can't be used for improper purposes.