To secure XML documents with the extension function of XSLT
Software—Practice & Experience - Research Articles
| Hi-index | 0.00 |
The eXtensible Markup Language (XML) is regarded generally as having promise of becoming established as the general purpose framework for enabling transfer of data amongst heterogeneous environments. It is of interest therefore to analyse how suitable it may be oncedetails of applications requirements and constraints are taken into account. One important requirement is for the security of documents in transit.Closely associated with XML is the eXtensible Stylesheet Language (XSL), whose document transformation component (XSLT) may well have sufficient functionality to perform all reasonable cryptographic transformations to deliver a desired level of document security. We examine this question by describing a real world XML application whose securityrequirements are more complex than for a simple document transfer between just two parties; proposing a document transfer architecture into which XSLT can be plugged-in; and identifying those features of XSLT which must be applied to meet the application requirements.We conclude that XSLT is only just adequate in the proposed scenario; and then only by making use of its "extension functions" capability.