Advanced XML Security: Framework for Building Secure XML Management System (SXMS)

The eXtensible Markup Language (XML) has been widely adopted for information exchange across various networks due to flexibility providing common syntax for messaging systems. Excessive use of XML as a communication medium created an aligned interest in the level of security provided for those XML-Based systems. Many security concerns have been tackled by the World Wide Consortium (W3C) creating the "XML Encryption Syntax and Processing" Recommendation [4]. This study presents a new architecture to handle received XML messages from various systems, on one hand suggested architecture is focused on classifying received XML messages (sensitive and non-sensitive) data to define which parts of the XML document to be encrypted and which to be forwarded to another module in suggested system to handle message composition, On the other hand the architecture is focused on securing XML messages by encrypting flagged XML parts each with different type of encryption depending on data sensitivity and importance level defined, this stage uses an approach based on W3C "XML Encryption Syntax and Processing" Recommendation. As a result, study aims to improve both the performance of XML encryption process and bulk message handling to achieve data cleansing efficiently.