Summary

XML Encryption is a flexible, powerful technology for keeping all or parts of XML documents or even external files confidential. It builds on XML Signature, using important parts of the XML Signature grammar such as KeyInfo and the Reference structure. XML encryption allows the use of shared (secret) key technology alone or to combine public key and shared key, utilizing the power of both.

Arguably the most important element within XML Encryption is the EncryptedType abstract element; it shows up in an XML document as one of its two derived elements, EncryptedData and EncryptedKey , which have exactly the same structure. As the name implies, EncryptedData shows up whenever some piece of data is encrypted. When the target is XML, EncryptedData indicates whether the encryption is of the type element ”the entire XML fragment is encrypted including the outer tags ”or content ”the outer tags are left intact and everything within the XML fragment has been encrypted.

As we continue our discussions about Web Services Security, you will see that XML Encryption and XML Signature are fundamental parts of the message-level security of an overall Web Services Security strategy. In addition, they are useful tools for you to have in your toolbox in a myriad of situations, from simply needing to validate the integrity of a piece of data to keeping important, sensitive data confidential even beyond the life of the transaction.