?
Solved

XML Security

Posted on 2004-09-20
2
Medium Priority
?
212 Views
Last Modified: 2010-05-18
I am storing some configuration information in an xml file. Is there any provision to protect it .
0
Comment
Question by:GKY
2 Comments
 
LVL 5

Expert Comment

by:tzxie2000
ID: 12102665
If some data are important it is surely that you should encode the data

which languange do you used then
0
 
LVL 21

Accepted Solution

by:
MogalManic earned 375 total points
ID: 12114524
XML by definition is text so in its native form it cannot be protected from someone loading it into NotePad and changing the values.  Here are your options:

  1) Protect the file using the OS
        a) For Unix/Linix set the Owner for full control, and the Group and World to ReadOnly.  The process that modifies the file is the owner and all other processes are in the same group.
        b) For Windows, Set the file as accessable to only certain people and/or groups...
   2) Encrypt and/or Zip the file with password and decrypt it in the application before parsing the XML
   3) Add a checksum attribute to the root node of the XML file.  The checksum is a hash of the XML file contents as string.  For example
        <configData xsum="1FA3B700324343523FACDBA">
         </configData>
       When the XML is loaded, recompute the checksum and throw error and abort.

The last solution is the simplest, even though it does not stop a person from editing the file, it will allow you to know if someone has changed the file.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The SignAloud Glove is capable of translating American Sign Language signs into text and audio.
If you are a mobile app developer and especially develop hybrid mobile apps then these 4 mistakes you must avoid for hybrid app development to be the more genuine app developer.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
Six Sigma Control Plans

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question