http://www.xml-dsl.com/
Internet Computing Lab.
Dept. Computer Science and Information Engineering
National Taiwan Normal University
Taipei, Taiwan
We designed and implemented an operational model for XML document security in which (1) the security of an XML document is ensured not by the system on which it resides but by the document itself and (2) this security is automatic and efficient. Our operational model provides element-wise encryption that is more general than previous forms of XML security, by including element encryption, content encryption, and two types of attribute encryption. Moreover, the model of temporal-based element-wise digital signature is novel.
Based on the generalized operational model, we define a new language, called document security language (DSL), to support it. We use the DSL to construct an automatic and efficient security environment for XML. The security information defined in DSL includes definitions for keys and algorithms, and a securing tool executes the algorithms with the corresponding keys. We have also developed a DSL editor with a friendly graphical user interface to make it easier for users to generate DSL documents.
1. The operational model for securing XML documents
2. The organization of the DSL securing tool

(Currently, the software package can only be installed on the Windows series, and our present version of the DSL securing tool can be executed in J2SE v1.3.x or v1.4.x.)
1. Prerequisite software: download and install the following.
Java™ 2 Platform, Standard Edition (J2SE™) from http://java.sun.com/j2se/1.4/download.html
Cryptix JCE from http://www.cryptix.org/ (Extract to C:\cryptix-jce)
XML Parser for Java (XML4J) from http://www.alphaworks.ibm.com/aw.nsf/download/xml4j
2. Download DSL Securing tool (including DSL API package) and editor.
dsl-v3_0_20070322.zip (Extract to C:\)
3. Set up the Java classpath
You must include xercesImpl.jar, xmlParserAPIs.jar, cryptix-jce-api.jar, cryptix-jce-compat.jar, cryptix-jce-provider.jar, cryptix-jce-tests.jar, DSLParser.jar, and DSLEditor.jar in your Java classpath.
You can also execute the batch file "C:\DSLT\setupclasspath.bat" to add the required jar files to the Java classpath.
If your J2SE version is higher than 1.4, please also include these two jar files (sunrsasign.jar, xalan.jar) in the classpath.
4. See C:\DSLT\doc\readme.html.
* We also employ the extension mechanism of XSLT and DSL to implement the encryption and decryption transforms.
1. To encrypt and embed digital signatures
java iclab.ntnu.dsl.DSLEncryptv MyXmlDoc.xml MyDSL.dsl [MyXmlDoc-encrypted.xml] [MyDSL-decrypt.dsl]
The first argument, MyXmlDoc.xml, is the name of the file to be encrypted. [MyXmlDoc-encrypted.xml] and [MyDSL-decrypt.dsl] are optional arguments.
"MyDSL.dsl" specifies the DSL document for the encryption. If it is absent, the DSL securing tool will try to find the file name of the DSL document in the header of "MyXmlDoc.xml". The encryption cannot proceed if the file name of the DSL document cannot be determined.
"MyXmlDoc-encrypted.xml" specifies the file name of the encrypted document. If it is absent, the DSL securing tool will insert "-encrypted" into the first argument to form the file name of the encrypted file. For example, if the first argument is "MyXmlDoc.xml", then the default file name of the produced encrypted file is "MyXmlDoc-encrypted.xml".
The securing tool will produce a DSL document that is used to decrypt the encrypted file and verify its embedded digital signatures. "MyDSL-decrypt.dsl" specifies the file name of that document.
Example:
java iclab.ntnu.dsl.DSLEncryptv example.xml example.dsl example-encrypted.xml example-decrypt.dsl

2. To decrypt and verify the embedded digital signatures
java iclab.ntnu.dsl.DSLDecryptv MyXmlDoc.xml [MyDSL-decrypt.dsl] [MyXmlDoc-decrypted.xml]
The first argument, MyXmlDoc.xml, is the name of the file to be decrypted. [MyXmlDoc-decrypted.xml] is an optional argument.
"MyDSL-decrypt.dsl" specifies the DSL document for the decryption. If it is absent, the DSL securing tool will try to find the file name of the DSL document in the header of "MyXmlDoc.xml". The decryption will be terminated if the file name of the DSL document cannot be determined.
"MyXmlDoc-decrypted.xml" specifies the file name of the decrypted document. If it is absent, the DSL securing tool will insert "-decrypted" into the first argument to form the file name of the decrypted file. For example, if the first argument is "MyXmlDoc.xml", then the default file name of the produced decrypted file is "MyXmlDoc-decrypted.xml".
Example:
java iclab.ntnu.dsl.DSLDecryptv example-encrypted.xml example-decrypt.dsl example-decrypted.xml
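The two commands above combined into one round-trip check, written as a Windows batch file. This is an added example, not part of the DSL package; it uses the page's example file names and assumes it is run from the folder that holds example.xml and example.dsl. The tool's exit codes are not documented on this page, so the script tests for the output files instead.

```bat
@echo off
rem Added example: encrypt and sign, decrypt and verify, then compare with the original.
setlocal

rem Add the required jar files to the classpath with the batch file shipped in C:\DSLT.
call C:\DSLT\setupclasspath.bat

rem Delete outputs of earlier runs so the existence checks below reflect this run only.
del /q example-encrypted.xml example-decrypt.dsl example-decrypted.xml 2>nul

java iclab.ntnu.dsl.DSLEncryptv example.xml example.dsl example-encrypted.xml example-decrypt.dsl
rem Assumption: exit codes are undocumented, so success is judged by the files produced.
if not exist example-encrypted.xml goto fail_encrypt
if not exist example-decrypt.dsl goto fail_encrypt

rem fc returns 0 when the files are identical; a secured document must differ from its input.
fc /b example.xml example-encrypted.xml >nul
if not errorlevel 1 goto fail_unchanged

java iclab.ntnu.dsl.DSLDecryptv example-encrypted.xml example-decrypt.dsl example-decrypted.xml
if not exist example-decrypted.xml goto fail_decrypt

rem Text comparison of the original and the decrypted copy. Differences that are
rem only XML serialization (whitespace, attribute order) are not a security failure.
fc example.xml example-decrypted.xml
if errorlevel 1 echo NOTE: decrypted file differs from the original, review the diff above.
echo Round trip finished.
exit /b 0

:fail_encrypt
echo ERROR: encryption did not produce example-encrypted.xml and example-decrypt.dsl.
exit /b 1

:fail_unchanged
echo ERROR: example-encrypted.xml is identical to example.xml, nothing was secured.
exit /b 2

:fail_decrypt
echo ERROR: decryption or signature verification did not produce example-decrypted.xml.
exit /b 3
```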
Coding a DSL document is quite tedious. The DSL editor is designed to help the user write DSL documents. For details of the DSL editor, please click here.
DSL API
GH Hwang & TK Chang (Last updated on 2008/08/24)
Problems with this website? Send mail to ghhwang@csie.ntnu.edu.tw or tkchang@mail.ndhu.edu.tw