skip to main content
10.1145/1940941.1940961acmotherconferencesArticle/Chapter ViewAbstractPublication PagesinfoseccdConference Proceedingsconference-collections
research-article

XML security in healthcare web systems

Published: 01 October 2010 Publication History

Abstract

XML has now opened a totally new approach in digital document handling, processing, and message transmission. XML serves as a strong base for healthcare information systems and HL7 standards for healthcare. Therefore, XML security must be integrated into XML in such a way as to preserve the advantages and abilities of XML while adding necessary security capabilities to maintain the patient and healthcare records as readily available and secure. New techniques are being developed as well as standards based on XML and HL7 health industry standards, which are key for healthcare industry expansion and security in the global environment. This work focuses on XML usage for security implementation in Web-based healthcare. The work presents a general introduction to XML, followed by general issues in XML security, XML security application in healthcare, and finally the future of XML in healthcare, focusing in particular on security issues.

References

[1]
Harold, E. R. 2000. FileMaker XML technology overview. Available online from http://www.filemaker.com
[2]
Exforsys.com. 2009. XML advantages. Available online from http://www.exforsys.com/tutorials/xml/xml-advantages.html
[3]
Exforsys.com. 2009. XML disadvantages. Available online from http://www.exforsys.com/tutorials/xml/xml-disadvantages.html
[4]
W3schools.com. 2009. How can XML be used? Available online from http://w3sschools.com
[5]
Bourret, R. 2009. XML and databases. Available online from http://www.rpbourret.com/xml/XMLAndDatabases.htm#isxmladatabase
[6]
Wikipedia.org. 2009. XML database. Available online from http://en.wikipedia.org/wiki/XML_database
[7]
Isgmlug.org. 2009. XML and databases. Available online from http://www.isgmlug.org/database.html
[8]
Yu, Y. 2005. Benchmarking of native XML database systems. Thesis Submitted in Fulfilment of the Master of Computer Science. University of Wollongong New South Wales, Australia.
[9]
Microsoft. 2008. MSN Encarta. Available online from http://encarta.msn.com/
[10]
Nicola, M., Kogan, I., Raghu, R., Gonzalez, A., Schiefer, B., & Xie, K. 2009. An XML database benchmark: Transaction processing over XML (TPoX) version 1.2. Available online from http://tpox.sourceforge.net/
[11]
Nambiar, U., Lacroix, Z., Bressan, S., Lee, M. L., & Li, Y. 2001. XML benchmarks put to the test. In Proceedings of the Third International Conference on Information Integration and Web-based Applications & Services (IIWAS). Linz, Austria: the Austrian Computer Society.
[12]
Schmidt, A. R., Waas, F., Kersten, M. L., Florescu, D., Manolescu, I., & Carey, M. J. 2001, April. The XML benchmark project. Technical Report INS-R0103, CWI. Amsterdam, The Netherlands: CWI.
[13]
Schmidt, A., Waas, F., Kersten, M., Florescu, D., Carey, M. J., Manolescu, I., et al. 2001. Why and how to benchmark XML databases. Association for Computing Machinery, SIGMOD, 30(3).
[14]
Chaudhri, A. B., Rashid, A., & Zicari, R. 2003. XML data management: Native XML and XML-enabled database systems. NJ: Addison-Wesley.
[15]
Gray, J. E. 1993. The benchmark handbook for database and transaction processing systems (2nd ed.). San Francisco: Morgan Kaufmann Publishers.
[16]
Oracle.com. 2002. Oracle9i Application Server Security Guide Release 2 (9.0.2) Part Number A90146--01. Available online from http://www.oracle.com.
[17]
Hale, L. P. 2002. Oracle9i application server security guide, release 2 (9.0.2). Available online from http://www.di.unipi.it/~ghelli/didattica/bdl/A97329_03/core.902/a90146/title.htm
[18]
Bravetti, M., Lucchi, R., Zavattaro, G., & Gorrie, R. 2004. Web services for E-commerce: Guaranteeing security access and quality of service. Proceedings of the 2004 ACM symposium on Applied computing (pp. 800--806). ACM.
[19]
Argoc.com. 2006. SOA security in a federated Web services environment security standards for information assurance. Rockville, MD 20852: Argosy Omnimedia Inc.
[20]
Wikipedia.org. 2009. Privacy. Available online from http://en.wikipedia.org/wiki/Privacy
[21]
Sitepoint.com. 2009. Getting started with XML security. Available online from http://articles.sitepoint.com: http://articles.sitepoint.com
[22]
Dournaee, B. 2002. XML security. NY: McGraw-Hill Osborne Media.
[23]
Biba, K. 1977, April. Integrity considerations for secure computer systems. Technical Report ESD-TR-76-372, ESD/AFSC, Hanscom AFB, Bedford, MA.
[24]
Hirsch, F. 2002. Getting started with XML security. Available online from http://www.sitepoint.com/article/getting-started-xml-security.
[25]
W3C.org. 2007. XML security use cases and requirements. Available online from http://www.w3.org
[26]
W3C.org. 2008. XML security specifications maintenance working group. Available online from http://www.w3.org/
[27]
Grundy, P. 2005. DataPower, XML and healthcare services. Available online from http://healthnex.typepad.com
[28]
Simon, E., Madsen, P., & Adams, C. 2001. An introduction to XML digital signatures. Available online from http://www.xml.com/pub/a/2001/08/08/xmldsig.html.
[29]
W3C.org. 1999. XML signature requirements. Available online from
[30]
McIntosh, M., & Austel, P. 2005. XML signature element wrapping attacks and countermeasures. Proceedings of the 2005 Workshop on Secure Web Services (pp. 20--27).
[31]
W3C.org. 2009. XML encryption requirements. Available online from http://www.w3.org/2000/11/15-xml-encryption-req.html
[32]
Geuer-Pollmann, C. 2004. Confidentiality of XML documents by pool encryption. Universität Siegen Institut für Digitale Kommunikationssysteme.
[33]
W3schools.com. 2009. W3schools.com. Available online from http://www.w3schools.com/xmL/xml_tree.asp
[34]
Bartlett, R., & Cook, M. 2002. Technical Report No. CIT/15/2002: XML security using XSLT. University of Western Sydney.
[35]
W3C.org. 2009. XML key management (XKMS 2.0) requirements. Available online from http://www.w3.org/TR/xkms2-req
[36]
Service-architecture.com. 2009. Healthcare XML. Available online from http://www.service-architecture.com/xml/articles/healthcare_xml.html
[37]
Dudeck, J. 2000. XML Europe 2000 (general introduction). Available online from http://www.gca.org/attend/2000_conferences/europe_2000/schedule_friday.htm
[38]
Nssn.org. (2009). XML standards. Available online from http://www.nssn.org/search/AdvancedSearch.aspx
[39]
W3C.org. (2008). XML security working group. Available online from
[40]
http://www.w3.org/2008/xmlsec/Nsa.gov. 2005. Fact sheet NSA Suite B cryptography. Available online from http://www.nsa.gov/ia/industry/crypto_suite_b.cfm

Cited By

View all
  • (2013)Designing a new E-Commerce authentication framework for a cloud-based environment2013 IEEE 4th Control and System Graduate Research Colloquium10.1109/ICSGRC.2013.6653275(53-58)Online publication date: Aug-2013
  • (2013)A survey on XML security2013 International Conference on Recent Trends in Information Technology (ICRTIT)10.1109/ICRTIT.2013.6844275(638-642)Online publication date: Jul-2013

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
InfoSecCD '10: 2010 Information Security Curriculum Development Conference
October 2010
187 pages
ISBN:9781450302029
DOI:10.1145/1940941
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

  • KSU - CISE: KSU Center for InfoSec Education
  • ISSA: The Metro Atlanta Information Systems Security Association

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 October 2010

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. XML
  2. XML encryption
  3. XML security
  4. XML signature
  5. information assurance
  6. information security

Qualifiers

  • Research-article

Conference

InfoSecCD '10
Sponsor:
  • KSU - CISE
  • ISSA

Acceptance Rates

Overall Acceptance Rate 18 of 23 submissions, 78%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)6
  • Downloads (Last 6 weeks)0
Reflects downloads up to 12 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2013)Designing a new E-Commerce authentication framework for a cloud-based environment2013 IEEE 4th Control and System Graduate Research Colloquium10.1109/ICSGRC.2013.6653275(53-58)Online publication date: Aug-2013
  • (2013)A survey on XML security2013 International Conference on Recent Trends in Information Technology (ICRTIT)10.1109/ICRTIT.2013.6844275(638-642)Online publication date: Jul-2013

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media