Extensible Markup Language (XML) is the "lovechild" of the World Wide Web Consortium (W3C).XML is expected to facilitate Internet B2B messaging because of its simplicity and flexibility. One big concern that customer may have in doing Internet B2B messaging is security. Therefore considering some security features in XML such as element-wise encryption, digital signature and access control that are beyond the capability of the transport-level security protocol such as SSL is of interest. We describe some access control model for XML documents and then perform some cryptographic transformations on it. For this reason, XSLT (Extensible Stylesheet Language Transformations) may well have sufficient functionality to perform all reasonable cryptographic transformations. We examine this question by describing a real world XML application whose security requirements are more complex than for a simple document; proposing an access control model using XML document, we present encryption operation in the document using XSLT; and identify the constraints and those features of XSLT which must be applied to meet the application requirements and then we examine "extension functions" as a solution to enhance the abilities of XSLT. We conclude that XSLT is only adequate in the proposed scenario and trying to extract additional functionality, such as the application of an encryption algorithm, leads to unacceptable complexity and constrains the ways in which documents can be encrypted.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.