Security and XML

In this chapter we will discuss further security issues for XML. Note that there are two aspects: one is securing XML documents, and the other is using XML to specify policies. We will discuss both aspects. We will give examples and show how access-control rules can be enforced on XML documents. We will also discuss security for XML schemas and security for namespaces. Then we will discuss how policies can be expressed in XML. One of the advantages with a specification language such as XML is that one can specify rules in this language. However, because XML represents data, policies specified in XML can only be enforced on data represented in XML.