This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 4
Big Island, Hawaii
January 06-January 09
ISBN: 0-7695-1874-5
R. G. Bartlett, University of Western Sydney
M. W. Cook, University of Western Sydney

The eXtensible Markup Language (XML) is regarded generally as having promise of becoming established as the general purpose framework for enabling transfer of data amongst heterogeneous environments. It is of interest therefore to analyse how suitable it may be once details of applications requirements and constraints are taken into account. One important requirement is for the security of documents in transit.

Closely associated with XML is the eXtensible Stylesheet Language (XSL), whose document transformation component (XSLT) may well have sufficient functionality to perform all reasonable cryptographic transformations to deliver a desired level of document security. We examine this question by describing a real world XML application whose security requirements are more complex than for a simple document transfer between just two parties; proposing a document transfer architecture into which XSLT can be plugged-in; and identifying those features of XSLT which must be applied to meet the application requirements.

We conclude that XSLT is only just adequate in the proposed scenario; and then only by making use of its "extension functions" capability.

Index Terms:
XML, XSLT, Security
Citation:
R. G. Bartlett, M. W. Cook, "XML Security Using XSLT," hicss, vol. 4, pp.122b, 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 4, 2003
Usage of this product signifies your acceptance of the Terms of Use.