计算机技术与发展2016,Vol.26Issue(6):101-105,5.DOI:10.3969/j.issn.1673-629X.2016.06.022
XML重写攻击检测技术研究
Study on Detecting Technique for XML Rewriting Attack
摘要
Abstract
There is rewriting attack problem in the fine-grained XML digital signature now. There are several countermeasures can be used to detect XML rewriting attack. It makes a discussion on the security scheme to deal with the common rewriting attacks and the best appli-cation scenarios of the existing detection scheme based on the analysis and evaluation of the existing detection scheme. The study results show that security policy,verification complementary ( filter) ,FastXPath and mark element position scheme in the DOM tree can detect the common attacks effectively and existing scheme can apply to detecting man-in-the-middle attack and repay attack effectively except for inline approach and verification complementary ( position indicator) scheme. However,for attacks against modifying signature element context-sensitive information,all the existing detection scheme can’ t detect.关键词
XML重写攻击/安全策略/SOAP Account/验证互补/FastXPath/重定向攻击/多Security头攻击Key words
XML rewriting attack/security policy/SOAP Account/verification complementary/FastXPath/redirection attack/multiple se-curity header attack分类
信息技术与安全科学引用本文复制引用
刘宝龙,杨威,陈桦..XML重写攻击检测技术研究[J].计算机技术与发展,2016,26(6):101-105,5.基金项目
教育部留学归国人员科研启动金资助项目(2013693) (2013693)
面向重大装备和能源化工的制造业信息化综合应用示范项目(2012BAF 12B04) (2012BAF 12B04)
陕西省教育专项科研计划项目(15KJ1350) (15KJ1350)
