research-article

XML security in healthcare web systems

Author:
Wasim A. Al-Hamdani

Kentucky State University, East Main, KY

Kentucky State University, East Main, KY
View Profile

InfoSecCD '10: 2010 Information Security Curriculum Development ConferenceOctober 2010Pages 80–93https://doi.org/10.1145/1940941.1940961

Published:01 October 2010Publication History

InfoSecCD '10: 2010 Information Security Curriculum Development Conference

Pages 80–93

ABSTRACT

XML has now opened a totally new approach in digital document handling, processing, and message transmission. XML serves as a strong base for healthcare information systems and HL7 standards for healthcare. Therefore, XML security must be integrated into XML in such a way as to preserve the advantages and abilities of XML while adding necessary security capabilities to maintain the patient and healthcare records as readily available and secure. New techniques are being developed as well as standards based on XML and HL7 health industry standards, which are key for healthcare industry expansion and security in the global environment. This work focuses on XML usage for security implementation in Web-based healthcare. The work presents a general introduction to XML, followed by general issues in XML security, XML security application in healthcare, and finally the future of XML in healthcare, focusing in particular on security issues.

References

Harold, E. R. 2000. FileMaker XML technology overview. Available online from http://www.filemaker.comGoogle Scholar
Exforsys.com. 2009. XML advantages. Available online from http://www.exforsys.com/tutorials/xml/xml-advantages.htmlGoogle Scholar
Exforsys.com. 2009. XML disadvantages. Available online from http://www.exforsys.com/tutorials/xml/xml-disadvantages.htmlGoogle Scholar
W3schools.com. 2009. How can XML be used? Available online from http://w3sschools.comGoogle Scholar
Bourret, R. 2009. XML and databases. Available online from http://www.rpbourret.com/xml/XMLAndDatabases.htm#isxmladatabaseGoogle Scholar
Wikipedia.org. 2009. XML database. Available online from http://en.wikipedia.org/wiki/XML_databaseGoogle Scholar
Isgmlug.org. 2009. XML and databases. Available online from http://www.isgmlug.org/database.htmlGoogle Scholar
Yu, Y. 2005. Benchmarking of native XML database systems. Thesis Submitted in Fulfilment of the Master of Computer Science. University of Wollongong New South Wales, Australia.Google Scholar
Microsoft. 2008. MSN Encarta. Available online from http://encarta.msn.com/Google Scholar
Nicola, M., Kogan, I., Raghu, R., Gonzalez, A., Schiefer, B., & Xie, K. 2009. An XML database benchmark: Transaction processing over XML (TPoX) version 1.2. Available online from http://tpox.sourceforge.net/Google Scholar
Nambiar, U., Lacroix, Z., Bressan, S., Lee, M. L., & Li, Y. 2001. XML benchmarks put to the test. In Proceedings of the Third International Conference on Information Integration and Web-based Applications & Services (IIWAS). Linz, Austria: the Austrian Computer Society.Google Scholar
Schmidt, A. R., Waas, F., Kersten, M. L., Florescu, D., Manolescu, I., & Carey, M. J. 2001, April. The XML benchmark project. Technical Report INS-R0103, CWI. Amsterdam, The Netherlands: CWI. Google ScholarDigital Library
Schmidt, A., Waas, F., Kersten, M., Florescu, D., Carey, M. J., Manolescu, I., et al. 2001. Why and how to benchmark XML databases. Association for Computing Machinery, SIGMOD, 30(3). Google ScholarDigital Library
Chaudhri, A. B., Rashid, A., & Zicari, R. 2003. XML data management: Native XML and XML-enabled database systems. NJ: Addison-Wesley. Google ScholarDigital Library
Gray, J. E. 1993. The benchmark handbook for database and transaction processing systems (2nd ed.). San Francisco: Morgan Kaufmann Publishers.Google Scholar
Oracle.com. 2002. Oracle9i Application Server Security Guide Release 2 (9.0.2) Part Number A90146--01. Available online from http://www.oracle.com.Google Scholar
Hale, L. P. 2002. Oracle9i application server security guide, release 2 (9.0.2). Available online from http://www.di.unipi.it/~ghelli/didattica/bdl/A97329_03/core.902/a90146/title.htmGoogle Scholar
Bravetti, M., Lucchi, R., Zavattaro, G., & Gorrie, R. 2004. Web services for E-commerce: Guaranteeing security access and quality of service. Proceedings of the 2004 ACM symposium on Applied computing (pp. 800--806). ACM. Google ScholarDigital Library
Argoc.com. 2006. SOA security in a federated Web services environment security standards for information assurance. Rockville, MD 20852: Argosy Omnimedia Inc.Google Scholar
Wikipedia.org. 2009. Privacy. Available online from http://en.wikipedia.org/wiki/PrivacyGoogle Scholar
Sitepoint.com. 2009. Getting started with XML security. Available online from http://articles.sitepoint.com: http://articles.sitepoint.comGoogle Scholar
Dournaee, B. 2002. XML security. NY: McGraw-Hill Osborne Media. Google ScholarDigital Library
Biba, K. 1977, April. Integrity considerations for secure computer systems. Technical Report ESD-TR-76-372, ESD/AFSC, Hanscom AFB, Bedford, MA.Google Scholar
Hirsch, F. 2002. Getting started with XML security. Available online from http://www.sitepoint.com/article/getting-started-xml-security.Google Scholar
W3C.org. 2007. XML security use cases and requirements. Available online from http://www.w3.orgGoogle Scholar
W3C.org. 2008. XML security specifications maintenance working group. Available online from http://www.w3.org/Google Scholar
Grundy, P. 2005. DataPower, XML and healthcare services. Available online from http://healthnex.typepad.comGoogle Scholar
Simon, E., Madsen, P., & Adams, C. 2001. An introduction to XML digital signatures. Available online from http://www.xml.com/pub/a/2001/08/08/xmldsig.html.Google Scholar
W3C.org. 1999. XML signature requirements. Available online fromGoogle Scholar
McIntosh, M., & Austel, P. 2005. XML signature element wrapping attacks and countermeasures. Proceedings of the 2005 Workshop on Secure Web Services (pp. 20--27). Google ScholarDigital Library
W3C.org. 2009. XML encryption requirements. Available online from http://www.w3.org/2000/11/15-xml-encryption-req.htmlGoogle Scholar
Geuer-Pollmann, C. 2004. Confidentiality of XML documents by pool encryption. Universität Siegen Institut für Digitale Kommunikationssysteme.Google Scholar
W3schools.com. 2009. W3schools.com. Available online from http://www.w3schools.com/xmL/xml_tree.aspGoogle Scholar
Bartlett, R., & Cook, M. 2002. Technical Report No. CIT/15/2002: XML security using XSLT. University of Western Sydney.Google Scholar
W3C.org. 2009. XML key management (XKMS 2.0) requirements. Available online from http://www.w3.org/TR/xkms2-reqGoogle Scholar
Service-architecture.com. 2009. Healthcare XML. Available online from http://www.service-architecture.com/xml/articles/healthcare_xml.htmlGoogle Scholar
Dudeck, J. 2000. XML Europe 2000 (general introduction). Available online from http://www.gca.org/attend/2000_conferences/europe_2000/schedule_friday.htmGoogle Scholar
Nssn.org. (2009). XML standards. Available online from http://www.nssn.org/search/AdvancedSearch.aspxGoogle Scholar
W3C.org. (2008). XML security working group. Available online fromGoogle Scholar
http://www.w3.org/2008/xmlsec/Nsa.gov. 2005. Fact sheet NSA Suite B cryptography. Available online from http://www.nsa.gov/ia/industry/crypto_suite_b.cfmGoogle Scholar

Index Terms

XML security in healthcare web systems

Recommendations

A Confidential Electronic Result Transfer Using a Hybrid XML Security Scheme
ITNG '11: Proceedings of the 2011 Eighth International Conference on Information Technology: New Generations

Over the years, XML technology has been a standard for data representation and data exchange in many areas of information technology particularly those with focus on XML-based description standards for data interchange. Most data exchange involves ...
Read More
XML security - A comparative literature review

Since the turn of the millenium, working groups of the W3C have been concentrating on the development of XML-based security standards, which are paraphrased as XML security. XML security consists of three recommendations: XML (digital) signature, XML ...
Read More
Advanced XML Security: Framework for Building Secure XML Management System (SXMS)
ITNG '10: Proceedings of the 2010 Seventh International Conference on Information Technology: New Generations

The eXtensible Markup Language (XML) has been widely adopted for information exchange across various networks due to flexibility providing common syntax for messaging systems. Excessive use of XML as a communication medium created an aligned interest in ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
InfoSecCD '10: 2010 Information Security Curriculum Development Conference
October 2010
187 pages
ISBN:9781450302029
DOI:10.1145/1940941
Conference Chairs:
Mike Whitman,
Herb Mattord
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 October 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
XML
XML encryption
XML security
XML signature
information assurance
information security
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate18of23submissions,78%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 2
  Total Citations
  View Citations
- 579
  Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

XML security in healthcare web systems

InfoSecCD '10: 2010 Information Security Curriculum Development Conference

ABSTRACT

References

Cited By

Index Terms

Recommendations

A Confidential Electronic Result Transfer Using a Hybrid XML Security Scheme

XML security - A comparative literature review

Advanced XML Security: Framework for Building Secure XML Management System (SXMS)