Abstract :
XML-based services with flexible and intelligent structures for data expression and exchange are quickly gaining popularity. Enterprises are deploying XML-based services as a central component of the application integration. As the application data are crucial to the enterprises, the XML messages must be secured to ensure the reliability of these services. This paper presents the design of an embedded XML firewall with XML identification, XML validation, XML encryption and decryption, XML signature and signature verification, which is implemented on Intel IXP425, an embedded network processor for small and medium enterprise solutions. Suitable for enterprises to deploy XML security for their IT infrastructure, the XML firewall provides confidentiality, integrity and authenticity for XML-based services. Improvements are introduced and evaluated, including schema preprocessing and hardware acceleration for security processing. Ideas about future work of XML firewall based on this platform are also proposed.
Keywords :
XML; authorisation; computer networks; cryptography; embedded systems; microprocessor chips; XML encryption; XML firewall; XML identification; XML signature; XML validation; data exchange; data expression; embedded network processor; signature verification; Acceleration; Data security; Hardware; Intelligent structures; Internet; Service oriented architecture; Telecommunication traffic; Transportation; Web services; XML; Hardware Acceleration; Network Processor; XML Firewall; XML Security;
