Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2006.13C.4.435

Conformance Testing Tool Implementation for XML Encryption Products  

Chae Han-Na (숙명여자대학교 정보과학부)
Rhee Gwang-Soo (숙명여자대학교 정보과학부)
Abstract
XML encryption is to provide confidentiality service, though not limited to, for web contents. XML encryption can be applied to entire data files as opaque objects, or more frequently to various parts of XML documents, supporting various encryption granularity. It is this characteristic that makes XML encryption a more efficient alternative for data confidentiality in various web applications than is possible with SSL/TLS, IPsec, PGP, or S/MIME. It is essential for successful deployment of XML encryption to achieve interoperability among the products implementing this technology, which requires the products to implement the XML encryption standards correctly. Conformance testing is to test if products implement the relevant standard correctly. In this paper we present a conformance testing method for XML encryption products and implement it. We will first look at XML encryption standards developed by W3C, and extract test criteria. Then we propose a testing method in which the encryption capability and the decryption capability of a product are tested separately. The proposed methody is actually implemented as a GUI-based testing tool and some test results are presented.
Keywords
XML Encryption; Conformance Testing;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 merlin-decrypt-two.tar.gz http://lists.w3.org/ Archives/Public/xml-encryption/2002Aug/att-0000/01-merlin-decrypt-two.tar.gz
2 GnuTLS, http://www.gnu.org/software/gnutls/
3 NSS, http://www.mozilla.org/projects/security/pki/nss/
4 MSCrypto, http://msdn.microsoft.comlsecurity/
5 LibXML, http://xmlsoft.org
6 merlin-xmlenc-five.tar.gzhttp://lists.w3.org/Archives/Public/xml-encryption/2002Mar/0008.html
7 D. Eastlake 3rd, 'Additional XML Security Uniform Resource Identifiers (URIs),' IETF RFC4051. http//www.ietf.org/rfc/rfc4051.txt
8 W3C XML 암호화 상호운용성 시험, http//www.w3.org/Encryption/2002/02-xenc-interop.html
9 알렉시사에서 제공하는 XML 암호화 상호운용성 시험, http://www.aleksey.comlxmlsec/xmlenc.html
10 OpenSSL, http://www.openssl.org/
11 XML Encryption WG, 'XML Encryption Requirements,' W3C, Apr., 2002. http//www.w3.org/TR/xml-encryptionreq
12 D. Eastlake, J. Reagle, D.Sole, 'XML-Signature Syntax and Processing,' IETF RFC3275
13 XML Encryption WG, 'XML Encryption Syntax and Processing,' W3C, Dec., 2002. http//www.w3.org/TR/xmlenc-core/
14 Decryption Transform for XML Signature, http//www.w3.org/TR/xmlenc-decrypt
15 IBM XML Security Suite, http://www.alphaworks.ibm.com/tech/xmlsecuritysuite
16 김지현, 이광수, 'XML 전자서명 제품의 표준적합성 시험 방법 및 구현', 정보보호학회논문지, 14(4):3-12, 2004   과학기술학회마을
17 IET-F/W3C XML-DSig Working Group, http://www.w3.org/Signature/
18 J. Reagle, 'XML Signature Requirements,' IETF RFC2807
19 J. Boyer, 'Canonical XML Version 1.0,' IETF RFC3076
20 phaos-xrnlenc-3.zip http://lists.w3.org/ Archives/Public/xml-encryption/2002Mar/att-0052/0l-phaos-xmlenc-3.zip