Published on Jan 03, 2023
Many Web pages today are poorly written. Syntactically incorrect HTML code may work in most browsers even if it doesn't follow HTML rules. Browsers employ heuristics to deal with these flawed Web pages; however, Web-enabled wireless devices (such as PDAs) can't accommodate these hefty Web browsers. The next step in HTML's evolution comes in the form of XHTML (eXtended Hypertext Markup Language), which is basically a combination of HTML and XML.
XML, the eXtended Markup Language, is a successor for SGML. More general than html, it incorporate data inside tags themselves and has unlimited description capacities. The format of the display is independant, and given by another document, the XSLT. Rules to create tags are defined by another document, the DTD (Document Type Declaration) which describes the grammar of the tags.
- Significant tags based upon the content of data.
- Separated document used for the presentation.
This is a standard and universal data format. It allows to reuse a presentation for different data or use different presentations for same data.
A data object is an XML document if it is well-formed, as defined in this specification. A well-formed XML document may in addition be valid if it meets certain further constraints.Each XML document has both a logical and a physical structure. Physically, the document is composed of units called entities. An entity may refer to other entities to cause their inclusion in the document. A document begins in a "root" or document entity
A textual object is a well-formed XML document if It meets all the well-formedness constraints :Each of the parsed entities which is referenced directly or indirectly within the document is well-formed.
Document ::= Prolog element Misc*
The element structure of an XML document may, for validation purposes, be constrained using element type and attribute-list declarations. An element type declaration constrains the element's content. Element type declarations often constrain which element types can appear as children of the element. At user option, an XML processor may issue a warning when a declaration mentions an element type for which no declaration is provided, but this is not an error.
elementdecl ::= '<!ELEMENT' Name contentspec ? '>'
contentspec ::= 'EMPTY' | 'ANY' | Mixed | children
XML is a major enabler of what the Internet, and latterly Web services, require to continue growing and developing. Yet a lot of work remains to be done on security-related issues before the full capabilities of XML languages can be realized. Traditional methods of establishing trust between parties aren't appropriate on the public Internet or, indeed, on large LANs or WANs. There are particular difficulties in dealing with hierarchical data structures and with subsets of data with varying requirements as to confidentiality, access authority, or integrity. In addition, the application of new standard security controls differentially to XML documents is not at all straightforward
At present, encrypting a complete XML document, testing its integrity, and confirming the authenticity of its sender is a straightforward process. But it is increasingly necessary to use these functions on parts of documents, to encrypt and authenticate in arbitrary sequences, and to involve different users or originators. At present, the most important sets of developing specifications in the area of XML-related security are XML encryption, XML signature; XACL, SAML, and XKMS This article introduces XML encryption and XML signature
Encryption: This ensures that your data was unable to be read or utilized by any party while in transit. Your message is encrypted into incomprehensible gibberish before it leaves your computer. It maintains it encrypted (gibberish) state during it's travel through the Internet. It is not de-crypt until the recipient receives it. Because of the public-key cryptography used (discussed later) only the recipient can decipher the received message, no one else can.
To understand how this all works, we need to start with the basics. Encryption has been around for centuries, Julius Caesar used encrypted notes to communicate with Rome thousands of years ago. This traditional cryptography is based on the sender and receiver of a message knowing and using the same secret key: the sender uses the secret key to
encrypt the message, and the receiver uses the same secret key to decrypt the message. 21 years ago, a revolution happened in cryptography that changed all this, public-key cryptography. In 1976, Whitfield Diffie and Martin Hellman, introduced this new method of encryption and key management. A public-key cryptosystem is a cryptographic system that uses a pair of unique keys (a public key and a private key). Each individual is assigned a pair of these keys to encrypt and decrypt information. A message encrypted by one of these keys can only be decrypted by the other key in the pair.
The public key is available to others for use when encrypting information that will be sent to an individual. The private key is accessible only to the individual. The individual can use the private key to decrypt any messages encrypted with the public key. Similarly, the individual can use the private key to encrypt messages, so that the messages can only be decrypted with the corresponding public key.
Several bodies are actively involved in examining the issues and in developing standards. The main relevant developments here are XML encryption and the related XML signature, eXtensible Access Control Language (XACL), and the related Security.
|Are you interested in this topic.Then mail to us immediately to get the full report.
email :- firstname.lastname@example.org