Abstract
XML Encryption is used for partially encrypting XML data to provide end-to-end confidentiality in multi-hop web services. An intermediary along the message path cannot perform schema validation on encrypted XML data because the data structure is changed by the partial encryption. To perform schema validation, it is required to provide a post-encryption schema. However, generating a post-encryption schema is not accomplished by simple replacement of element declarations because we have to consider an impact of the replacement and UPA violation problem. So, if we generate a post-encryption schema by hand, some technical skills about schema are required and take some operation time. In this paper, we propose a method for generating a post-encryption schema. By using our proposed method, technical skills aren't required because the proposed method requires only existing information such as an original schema and a security policy. Our evaluation experiment shows that the proposed method can reduce an operation time for generating a post-encryption schema.
