节点文献
XML安全技术研究及在电子商务中的应用
【作者】 张斌;
【作者基本信息】 电子科技大学 , 软件工程, 2010, 硕士
【摘要】 XML技术以其强大的描述性、结构化、易扩展、跨平台等特性,在网络数据存储和交换中发挥的作用越来越大,其安全性也受到广泛的关注。基于Web的XML电子商务订单在Internet开放的环境下传输和存储时,XML文档的明文传输是危险的,所以需要对其应用数据加密,签名等安全技术来保证Web服务的安全。本文在介绍了网络数据安全技术以及XML的基本知识的基础上,结合分析了包括XML加密、XML数字签名、XML密钥管理、安全性断言标记语言、XML访问控制标记语言等XML安全技术。然后结合XML安全技术标准,提出了一个包括xml文件加密、数字签名、密钥获取和管理控制的电子商务安全平台策略。采取通过底层的DOM对XML文档对象进行解析,并为上层应用提供通用的API接口。对该平台的加密解密,签名验证模块用.NET框架来实现。对文件资料的加密应用3DES加密算法,为了解决公钥传输问题,应用RSA算法对密钥进行加密实现,最后签名的实现是通过应用SHA-1对文件进行信息摘来完成的。该模块解决了基于Web的XML电子商务订单在Internet上传输和存储时所面临的安全问题。最后对集成XML安全技术的数据交换方案及其实现结果进行了分析。
【Abstract】 XML technology becomes popular on data storage and data exchange in a TCP/IP network because of its powerful description, structure, easy expansion, and cross-platform. The security of XML becomes much more important. As Web-based XML e-commerce orders in Open environment may be liable to various security threats on the Internet at transmission and storage, so need apply data encrypt and digital signature to ensure the security of Web service.Firstly, XML technology and modern security technology based on cryptography is discussed in this paper. Then The XML encryption, XML digital signature, XML Key Management Specification, security assertion markup language and XML Access Control Markup Language are studied. Then,Advanced a e-business security platform including encrypt of XML document, digital signature ,accessing control and management of secret key.This platform provides provides connect port for upper implementation level and parse XML object file through DOM.In the implementation of this scheme, XML encryption / decryption functions based on 3DES encryption algorithm and RSA-based digital signature / validation function are programmed with .Net platform and C# Language. These modules provide the XML document confidentiality, authentication, non-repudiation, integrity, and other security services. The scheme and its implementation can satisfy the security requirements of Web-based XML e-commerce orders on the Internet transmission and storage. In the end of this paper, the security of this integrated scheme is analyzed.
【Key words】 XML; XML encryption; digital signature; public key infrastructure;
- 【网络出版投稿人】 电子科技大学 【网络出版年期】2011年 04期
- 【分类号】TP393.08
- 【下载频次】142