Home > Projects > XML Security Services > XML Security Standards ()

The aim of the XML Security Standards developed by W3C and OASIS is the definition of meta-data to protect XML documents and elements. The following standards have been evaluated regarding access control, rights management and communication protection preparing the development of XML Security Services:

• XML-Encryption

  Provides a framework to realise XML data confidentiality using encryption mechanisms. This standard not only supports encryption of complete XML document, but also fine granular encryption of XML element groups, single element or the content of elements.  Every document part may be encrypted using different encryption keys. This ensures secrecy of each part for specific recipients.

• XML-Signature

  Provides a framework assuring integrity and reliabity of XML data using digital signatures. Analogous to the XML-Encryption standard it supports signing of whole documents as well as single elements or the content of elements. Digital signatures become a persistent part of the document. So, the signatures are kept verifiable permantly In addition, all data objects referenced by URI may be signed with several options (enveloped, enveloping oder detached).

• XML Key Management Specification (XKMS)

  Specifies access to Public Key Infrastructes (PKI) defining two XML protocols. The first is used to register public and private key. The second is used for verification purposes of  public keys or certificates.
  

• eXtensible Access Control Markup Language (XACML)

  XACML defines schemes and namespaces to specify and enforce (role based) access control and autorisation policies for XML based objects.

• eXtensible rights Markup Language (XrML)

  This standard was developed regarding digital rights management purposes for any kind of of digital media or content. XrML may be used to determine access rights and conditions on digital resources (hardware, software, services etc).

• Security Assertion Markup Language (SAML)

  SAML defines XML based exchange mechanism and data structures for authentication and authorisation information.