An XML Firewall on Embedded Network Processor
Source: Tsinghua University
Deployment of XML-based services as a central component of application integration must be done while keeping in mind services with flexible and intelligent structures for data expression and exchange. Introduction and evaluation, including schema preprocessing and hardware acceleration for security processing, indicate improvement along with the firewall provides confidentiality, integrity and authenticity for XML-based services. Three major categories of XML-based security threats are noticeable - Message Transport Security, XML-Based DoS (Denial of Service) Attacks, and Content-Based Attacks. Use of Document Object Model (DOM) processing scheme to implement an XML firewall on an embedded network processor with all four basic functions integrated into the XML security system and a system design and introduced improvements of the XML firewall in Section 2 are taken up for study in this paper. The XML firewall on embedded network processor is designed to secure XML-based services like web services. The experimental results have shown the improvements brought from the two optimizations further improved by hardware utilization, other processing schemes, new algorithms for parsing and validation.