XML Encryption provides end-to-end security for applications that require secure exchange of structured data. XML itself is the most popular technology for structuring data, and therefore XML-based encryption is the natural way to handle complex requirements for security in data interchange applications.
This article discusses how to manage the complexities of XML encryption using tools and technologies available in the Java programming language and the Apache XML Security framework.
First, however, I will introduce the security threats facing XML.
XML Security Threats
XML-based data transfer has emerged as the standard for organizations to exchange business data. As with all communications over the public Internet, XML-based transfers have their own set of vulnerabilities to confront. The following list illustrates some specific XML security threats:
- Schema Poisoning: Manipulating the WS schema to alter the data processed by the application
- XML Parameter Tampering: Injection of malicious scripts or content into XML parameters
- Coercive Parsing: Injection of malicious content into the XML
- Oversized Payload: Sending oversized files to create an XDoS attack
- Recursive Payload: Sending mass amounts of nested data to create an XDoS attack against an XML parser
- XML Routing Detours: Redirecting sensitive data within the XML path
- External Entity Attack: An attack on an application that parses XML input from suspicious sources using an incorrectly configured XML parser
These threats and others pose potentially serious problems to developers creating applications, components, and systems that depend on XML data. Clearly, a secure solution is needed. For this task, you can rely on the science and art of cryptography as the foundation for a Java-based solution.
Introduction to Cryptography
Cryptography can be defined as the science of and techniques for securing data by encrypting or transforming it into an unrecognizable format and then decrypting it back into the original format. Encryption is further defined as the process of taking data (known as cleartext) and altering it using a cryptographic key to produce ciphertext, which is unrecognizable to unauthorized entities/principals. Decryption, the reverse of encryption, can therefore be defined as the process of altering ciphertext using a cryptographic key to reproduce the original cleartext.
Some of the common elements involved in cryptographic processes are:
- Public keys: Numbers associated with a particular entity such as an individual or an organization. Public keys are always part of a public/private key-pair and are intended to be publicly available to anyone who intends to exchange confidential data with the key owner.
- Private keys: Numbers associated with a particular entity such as an individual or an organization. Private keys are always part of a public/private key-pair and are intended to be known only by the key owner. Private keys are used to encrypt data that will be decrypted using the corresponding public key and vice versa.
- Key-pair generators: Used to generate a pair of public and private keys that conform to a cryptographic algorithm.
- Key factories: Used to convert opaque cryptographic keys into transparent key specifications (representations of the underlying key data), and vice versa.
- Keystores: Databases used to manage a repository of keys.
- Cryptographic algorithms: Sets of instructions and procedures, such as RSA or DES, that define the processes for transforming the cleartext data.
Cryptography systems can be broadly classified as single-key or symmetric-key systems and two-key or public-key systems.
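The following Java program is an added example, not code from the original article, that puts the elements listed above to work with the JDK's own JCE classes: a key-pair generator, a key factory that turns a published key encoding back into a key object, a symmetric AES content key, and the recipient's RSA public key wrapping that content key. This pairing of a single-key system for the data with a two-key system for the key is the same hybrid pattern XML Encryption uses; the class name, variable names and the sample element are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class HybridEncryptionDemo {

    public static void main(String[] args) throws Exception {
        // Key-pair generator: produces the recipient's public/private RSA key pair.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();

        // Key factory: opaque public key -> transparent X.509 encoding -> opaque key again.
        // This is how a public key received from another party becomes a Key object.
        byte[] publishedKey = recipient.getPublic().getEncoded();
        PublicKey senderView = KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(publishedKey));

        // Symmetric (single-key) step: a fresh AES content key encrypts the cleartext.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey contentKey = kg.generateKey();
        byte[] iv = new byte[12];                 // GCM nonce, unique per encryption
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, contentKey, new GCMParameterSpec(128, iv));
        byte[] cleartext = "<account id=\"123\"/>".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] ciphertext = aes.doFinal(cleartext);

        // Public-key (two-key) step: the content key is wrapped with the recipient's public key.
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.WRAP_MODE, senderView);
        byte[] wrappedKey = rsa.wrap(contentKey);

        // Recipient side: the private key unwraps the content key, which then decrypts the data.
        rsa.init(Cipher.UNWRAP_MODE, recipient.getPrivate());
        SecretKey recovered = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        byte[] decrypted = aes.doFinal(ciphertext);

        System.out.println("round trip ok: " + Arrays.equals(cleartext, decrypted));
    }
}
```

Only the wrapped key, the IV and the ciphertext need to travel to the recipient; the content key itself is never sent in the clear, which is exactly what XML Encryption's EncryptedKey element carries.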