基于XML数据安全交换研究及实现
|
摘要
随着世界经济全球化和一体化的发展,电子数据交换已成为企业参与贸易竞争的重要手段。传统的EDI交换方式的技术复杂及费用要求过高等诸多不利因素,使得在中小企业中实施起来比较困难。XML以其高度结构化和跨平台等诸多优势,解决了以前数据交换中许多棘手的问题。做为一种好的数据交换中介格式,XML正成为企业内部或企业间交换数据的首选。不过由于XML是纯文本文件,且文件本身也过于臃肿使得XML文件在传输过程中的安全性和传输效率方面值得重点关注。在目前国内XML应用正在兴起,数据交换标准不统一的条件下,本系统对于企业内部或企业间方便、安全、高效地交换数据提供了一定的理论依据和现实意义。
本文首先对数据交换的发展进行了讨论,并分析了XML的安全性问题。接着简述了XML语言本身,论述了XML安全的基本原理,包括XML加密和签名。然后通过XML与关系数据库之间的关系,解决了XML数据交换前后XML与数据库之间相互转换问题。然后,设计出基于XML的数据安全交换系统,包括系统公共模块设计、数据发送方设计和数据接收方设计等;研究和提出了从数据发送到数据接收、保存和应用等整个交换过程中的需要各种安全措施,确保XML数据传输的绝对安全,并以.NET这一核心技术对交换系统中的关键部分应用进行实现。最后对本系统进行了总结,并提出了在今后一段的时间内,所需进一步研究的工作和方向。
With the development of economic globalization, electronic data exchange has become more and more important as a part of the trade competition. However, both traditional EDI technique was more complicated and its cost was more expensive, it was harder to run into medium-sized and small-scale enterprise. According to advantages of cross-platform and more structured , XML solved previously difficult problem in data exchange. As a good format of data exchange, XML has been the first in data exchange. But, due to XML is a file of plain text and over-bulky, it affects safety and efficiency of transfer's aspect during the transfer period. It's worthy to be concerned. In current years, XML is coming on to apply in China. Under the different standards of data exchange, the system provides define principles in practice when data exchange is safety, convenient and efficient in an enterprise or among more enterprises.
Firstly, we discussed the development of data exchange and analyzed security problem of XML. Secondly, we introduced XML language and discussed the basic principles of security of XML. The principles include that XML encryption and signature. Thirdly, via the relationship between XML and relevant database (RDB), we solved the conversion problem between XML and RDB. Fourthly, we designed a secure system of data exchange base on XML. The system includes public modules, sending modules and receiving modules. We researched and provided variously safety solutions for the whole date exchange process and insured XML transfer which is absolute security and taking .NET technique to achieve application in the key part of exchange system. Finally, the thesis summarized this system and indicated the research directions and problems during the future works.
本文首先对数据交换的发展进行了讨论,并分析了XML的安全性问题。接着简述了XML语言本身,论述了XML安全的基本原理,包括XML加密和签名。然后通过XML与关系数据库之间的关系,解决了XML数据交换前后XML与数据库之间相互转换问题。然后,设计出基于XML的数据安全交换系统,包括系统公共模块设计、数据发送方设计和数据接收方设计等;研究和提出了从数据发送到数据接收、保存和应用等整个交换过程中的需要各种安全措施,确保XML数据传输的绝对安全,并以.NET这一核心技术对交换系统中的关键部分应用进行实现。最后对本系统进行了总结,并提出了在今后一段的时间内,所需进一步研究的工作和方向。
With the development of economic globalization, electronic data exchange has become more and more important as a part of the trade competition. However, both traditional EDI technique was more complicated and its cost was more expensive, it was harder to run into medium-sized and small-scale enterprise. According to advantages of cross-platform and more structured , XML solved previously difficult problem in data exchange. As a good format of data exchange, XML has been the first in data exchange. But, due to XML is a file of plain text and over-bulky, it affects safety and efficiency of transfer's aspect during the transfer period. It's worthy to be concerned. In current years, XML is coming on to apply in China. Under the different standards of data exchange, the system provides define principles in practice when data exchange is safety, convenient and efficient in an enterprise or among more enterprises.
Firstly, we discussed the development of data exchange and analyzed security problem of XML. Secondly, we introduced XML language and discussed the basic principles of security of XML. The principles include that XML encryption and signature. Thirdly, via the relationship between XML and relevant database (RDB), we solved the conversion problem between XML and RDB. Fourthly, we designed a secure system of data exchange base on XML. The system includes public modules, sending modules and receiving modules. We researched and provided variously safety solutions for the whole date exchange process and insured XML transfer which is absolute security and taking .NET technique to achieve application in the key part of exchange system. Finally, the thesis summarized this system and indicated the research directions and problems during the future works.
引文
[1]蒲慷.可扩展通用数据交换框架.电子科技大学硕士学位论文.2002-1-2
[2]柴跃廷,李芳芸,任守渠.基于分布式对象技术的BPR支撑系统.高技术通讯.1999
[3]William Stallings.网络安全基础教程:应用与标准.清华大学出版社.2002.6
[4]Richard Blum.高春蓉,谷雨等翻译.C#网络应用编程.电子工业出版社.2003.5
[5]Judge DW,Odgers BR,Shepherdson JW,etal.Agent-enhanced workflow.BT Technology Journal.1998,16(3):79-85
[6]一种异构数据库间的XML接口方案.计算机应用.2001 Vol.21 No.6
[7]Shegalov,Michael Gillmann,Gerhard Weikum.XML-enabled workflow management for e-services across heterogeneous platforms.VLDB Journal.2001,10(1):91-103
[8]PR.S.Visser and Z.Cui Heterogenerous Ontology Structures for Distributed Architectures ECAI-98 Workshop on Application of Ontologies and Problem-solving Methods,Brighton,United Kingdom,112-119
[9]Priscilla Walmsley.陈维军,乔安平,英宇译.XML模式权威教程.清华大学出版社,2003.1
[10]Khun Yee Fung.汉扬天地科技发展有限公司译.XSLT精要从XML到HTML.清华大学出版社,2002.10
[11]赖迎松.计算机密码学及其应用.国防工业出版社,2001.7
[12]涧土洁、冯登国.公开密切密码算法从其快速实现.国防工业出版社.2002.9
[13]Blake Doumaee.周永彬,贺也平,刘娟等翻译.XML安全基础.清华大学出版社.2003.8
[14]David Jorgensen.刘颖,刘洋,任韦撞,汪佳译.使用XML开发.NET Web服务.:科学出版社,2003.6
[15]Matthew MacDonald,Erik Johansson.崔伟,毛尧飞译.C#数据安全手册.清华大学出版社,2003.7
[16]Thomas Abraham,Scott Wylie等著.崔洪斌,王爱明等译.Visual Basic.NET解 决方案工具箱
[17]陈宏刚,林斌,凌小宁等著.软件开发的科学与艺术.电子工业出版社,2002.7
[18]Scott Worley.王文龙,刘湘宁.Asp.net技术内幕.人民邮电出版社,2002.4
[16]Cate McCoy,Gord Mairc.冯华英等译.水晶报表Crystal Reports9从入门到精通.电子工业出版社.2003.6
[19]Robert Powell Richard Weeks.袁朋飞翻译.C#和.NET架构.人民邮电出版社,2002.4
[20]万建成,卢雷.软件体系结构的原理、组成与应用.科学出版社.2002
[21]邵配英.分布式数据库系统及其应用.科学出版社.2000.6
[22]王廷永,胡吉平.基于B/S数据库模式的公文流转系统.计算机系统应用,2002
[23]Natanya puts.徐晓梅,龚自祥,王晓云翻译.XML技术内幕.机械工业出版社,2002.1
[24]刘晓华..NET核心技术.电子工业出版社.2002.8
[25]Mark Priestley.Practical Object Oriented Design With LTML.MxGraw Hill Companies,inc.2001.3
[26]Aancock B.Elliptical Curve Cryptography and Standards for Efficient Cryptography Group.Computers&Security,1999
[27]Bruce Schneier.Applied Cryptography(Second Edition)[M].John Wiley&Sons Inc.1996
[28]HJr Katzan.The Standard data encryption Algorithm[M].Petrocell:Books Inc,1997
[29]Ron Bourret,XML and Database.Http://www.rpbourret.com/xml/XMLAnd-Databases.htm
[30]Extensible Markup Language(XML)1.0[EB/OL].http://www.w3.org/TR/REC-XML
[31]William Stallings.Network Security Essentials:Applications and Standards.Tingshua publish 2002.6
[32]W3C.XML-Signature Syntax and Processing.http://www.w3.orglTR/xmldsig -core,2002.12
[33]W3C.XML Encryption Syntax and Processing.http://www.w3.org/TR/2002/REC-xmlenc-core-20021210
[34]W3C.XML Path Language(XPath)Version 1.0.http://www.w3.orglTR/1999/ REC-xpath-19991116
[35]W3C.XSL Transformations(XSLT)Version 1.0.http:/lwww.w3.org/TR/xslt
[36]W3C.XML Schema Part1:Structures.http://www.w3.org/TR/2001/REC-xmlsche ma-1-20010502
[37]W3C.XML Schema Part 2:Datatypes.http://www.w3.org/TR/2000/CR-xmlsche ma-2-20001024
[38]Esky.http://www.eskymedia.com/Articleee_Show.asp? ArtidelD=489,2004.9
[39]Ronald Bourret.XML and Databases.http://www.rpbourret.com/xml/XMLAnd Databases.htm.2004.7
[2]柴跃廷,李芳芸,任守渠.基于分布式对象技术的BPR支撑系统.高技术通讯.1999
[3]William Stallings.网络安全基础教程:应用与标准.清华大学出版社.2002.6
[4]Richard Blum.高春蓉,谷雨等翻译.C#网络应用编程.电子工业出版社.2003.5
[5]Judge DW,Odgers BR,Shepherdson JW,etal.Agent-enhanced workflow.BT Technology Journal.1998,16(3):79-85
[6]一种异构数据库间的XML接口方案.计算机应用.2001 Vol.21 No.6
[7]Shegalov,Michael Gillmann,Gerhard Weikum.XML-enabled workflow management for e-services across heterogeneous platforms.VLDB Journal.2001,10(1):91-103
[8]PR.S.Visser and Z.Cui Heterogenerous Ontology Structures for Distributed Architectures ECAI-98 Workshop on Application of Ontologies and Problem-solving Methods,Brighton,United Kingdom,112-119
[9]Priscilla Walmsley.陈维军,乔安平,英宇译.XML模式权威教程.清华大学出版社,2003.1
[10]Khun Yee Fung.汉扬天地科技发展有限公司译.XSLT精要从XML到HTML.清华大学出版社,2002.10
[11]赖迎松.计算机密码学及其应用.国防工业出版社,2001.7
[12]涧土洁、冯登国.公开密切密码算法从其快速实现.国防工业出版社.2002.9
[13]Blake Doumaee.周永彬,贺也平,刘娟等翻译.XML安全基础.清华大学出版社.2003.8
[14]David Jorgensen.刘颖,刘洋,任韦撞,汪佳译.使用XML开发.NET Web服务.:科学出版社,2003.6
[15]Matthew MacDonald,Erik Johansson.崔伟,毛尧飞译.C#数据安全手册.清华大学出版社,2003.7
[16]Thomas Abraham,Scott Wylie等著.崔洪斌,王爱明等译.Visual Basic.NET解 决方案工具箱
[17]陈宏刚,林斌,凌小宁等著.软件开发的科学与艺术.电子工业出版社,2002.7
[18]Scott Worley.王文龙,刘湘宁.Asp.net技术内幕.人民邮电出版社,2002.4
[16]Cate McCoy,Gord Mairc.冯华英等译.水晶报表Crystal Reports9从入门到精通.电子工业出版社.2003.6
[19]Robert Powell Richard Weeks.袁朋飞翻译.C#和.NET架构.人民邮电出版社,2002.4
[20]万建成,卢雷.软件体系结构的原理、组成与应用.科学出版社.2002
[21]邵配英.分布式数据库系统及其应用.科学出版社.2000.6
[22]王廷永,胡吉平.基于B/S数据库模式的公文流转系统.计算机系统应用,2002
[23]Natanya puts.徐晓梅,龚自祥,王晓云翻译.XML技术内幕.机械工业出版社,2002.1
[24]刘晓华..NET核心技术.电子工业出版社.2002.8
[25]Mark Priestley.Practical Object Oriented Design With LTML.MxGraw Hill Companies,inc.2001.3
[26]Aancock B.Elliptical Curve Cryptography and Standards for Efficient Cryptography Group.Computers&Security,1999
[27]Bruce Schneier.Applied Cryptography(Second Edition)[M].John Wiley&Sons Inc.1996
[28]HJr Katzan.The Standard data encryption Algorithm[M].Petrocell:Books Inc,1997
[29]Ron Bourret,XML and Database.Http://www.rpbourret.com/xml/XMLAnd-Databases.htm
[30]Extensible Markup Language(XML)1.0[EB/OL].http://www.w3.org/TR/REC-XML
[31]William Stallings.Network Security Essentials:Applications and Standards.Tingshua publish 2002.6
[32]W3C.XML-Signature Syntax and Processing.http://www.w3.orglTR/xmldsig -core,2002.12
[33]W3C.XML Encryption Syntax and Processing.http://www.w3.org/TR/2002/REC-xmlenc-core-20021210
[34]W3C.XML Path Language(XPath)Version 1.0.http://www.w3.orglTR/1999/ REC-xpath-19991116
[35]W3C.XSL Transformations(XSLT)Version 1.0.http:/lwww.w3.org/TR/xslt
[36]W3C.XML Schema Part1:Structures.http://www.w3.org/TR/2001/REC-xmlsche ma-1-20010502
[37]W3C.XML Schema Part 2:Datatypes.http://www.w3.org/TR/2000/CR-xmlsche ma-2-20001024
[38]Esky.http://www.eskymedia.com/Articleee_Show.asp? ArtidelD=489,2004.9
[39]Ronald Bourret.XML and Databases.http://www.rpbourret.com/xml/XMLAnd Databases.htm.2004.7