TY - THES AB - The eXtensible Markup Language (XML) is a widely adopted format for documents containing structured information. Structured information contains both the content (words, images etc.) and the ‘markup’ which indicates the role of the content, e.g. ‘section’ or ‘price’. XML is the foundation for a huge variety of existing and emerging applications, including user applications like vector imaging formats, web pages, enterprise application integration, database interfaces or network protocols. Parallel to the increasing use of XML, the level of security provisions for these XML based systems rises. The World Wide Web Consortium (W3C) addressed these issues by creating the “XML Signature Syntax and Processing” and “XML Encryption Syntax and Processing” recommendations. These standards define authentication, integrity and confidentiality mechanisms for XML documents. The XML Signature recommendation defines a method for digitally signing arbitrary portions (nodes) of an XML document. XML Signature can sign both tree structures and arbitrary sets of nodes of an XML document. The XML Encryption recommendation specifies a method for encrypting tree structures in an XML document. The XML Encryption recommendation is constrained to protect full tree structures, i.e. there is no mechanism to protect the confidentiality of a single node in a document without affecting the descendants of that node. The access control community transformed access control models originating in database systems to be available for XML based databases. These access control systems offer fine-grained access control enforcement on the node level, similar to the node level integrity protection of XML Signature. For example, XML Access Control systems can restrict the read access to a particular node in an XML tree while allowing access to its child nodes. This thesis is focused on the development of a cryptography based system which can protect the confidentiality of arbitrary nodes in an XML tree. This goal is reached by combining a tree addressing scheme of databases with cryptographic mechanisms. This system is called “XML Pool Encryption”. To verify the results of this thesis, XML Pool Encryption has been implemented using the Java programming language. AU - Geuer-Pollmann, Christian DA - 2004 KW - XML security KW - Encryption KW - Pool Encryption LA - eng PY - 2004 TI - Confidentiality of XML documents by pool encryption UR - https://nbn-resolving.org/urn:nbn:de:hbz:467-647 Y2 - 2024-12-26T17:16:22 ER -